Advantech WebAccess/SCADA Path Traversal Leading to RCE (CVE-2020-25161)

Vulnerability Key Information 1. Vulnerability Summary CVSSv3 Score: 8.8 Exploitability: Remote exploitation / Low skill level required Vendor: Advantech Affected Equipment: WebAccess/SCADA Vulnerability Type: External Control of File Name or Path 2. Risk Assessment Successful exploitation of this vulnerability may allow an attacker to execute remote code with administrative privileges. 3. Technical Details 3.1 Affected Products WebAccess/SCADA 9.0 and earlier versions 3.2 Vulnerability Overview External Control of File Name or Path (CWE-73): - The WADashboard component in WebAccess/SCADA may allow an attacker to control or influence file system operations by manipulating file paths, leading to remote code execution. - CVE-2020-25161: - CVSS v3 Base Score: 8.8 - CVSS Vector String: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 3.3 Background Critical Infrastructure Sectors: Critical Manufacturing, Energy, Water and Wastewater Systems Deployment Countries/Regions: East Asia, Europe, United States Company Headquarters Location: Taiwan 3.4 Researchers This vulnerability was reported to CISA by Sivathmican Sivakumaran from Trend Micro’s Zero Day Initiative. 4. Mitigation Measures Advantech Recommendation: Upgrade to version 9.0.1 or later. CISA Recommendations: - Minimize network exposure of all control system devices/systems and ensure they are not accessible from the internet. - Place control system networks and remote devices behind firewalls and isolate them from business networks. - When remote access is required, use secure methods such as VPNs, recognizing that the security of the VPN depends on the security of the connecting devices. CISA provides additional guidance on control system security best practices and mitigation measures.

Goal Reached Thanks to every supporter — we hit 100%!

Advantech WebAccess/SCADA Path Traversal Leading to RCE (CVE-2020-25161)