Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Advantech — Vulnerabilities & Security Advisories 139

Browse all 139 CVE security advisories affecting Advantech. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Advantech specializes in industrial automation, providing embedded computing hardware and IoT solutions for manufacturing and infrastructure sectors. The company’s extensive product portfolio, which includes edge gateways and panel PCs, has resulted in a significant vulnerability footprint, with 139 Common Vulnerabilities and Exposures (CVEs) currently recorded. Historical analysis reveals that these security flaws predominantly stem from Remote Code Execution (RCE) and Cross-Site Scripting (XSS) issues, often arising from unpatched web management interfaces or embedded Linux components. Additionally, several instances of privilege escalation and buffer overflow vulnerabilities have been documented, highlighting risks associated with legacy firmware and default configurations. While no single catastrophic incident has defined the brand’s public security history, the sheer volume of disclosed defects underscores persistent challenges in maintaining secure codebases across diverse industrial environments. This pattern necessitates rigorous patch management and network segmentation for organizations relying on Advantech infrastructure to mitigate potential exploitation vectors.

Found 12 results / 139Clear Filters
Top products by Advantech: WebAccess EKI-6333AC-2G iView WebAccess/SCADA WebAccess/VPN Advantech WebAccess Advantech Wireless Sensing and Equipment (WISE) EKI-1524 ADAM-5630 DeviceOn/iEdge R-SeeNet ADAM 5550 HMI Designer ADAM-3600 WebAccess SCADA WebAccess/NMS SUSI IoTSuite and IoT Edge Products WISE-6610
CVE IDTitleCVSSSeverityPublished
CVE-2025-34247 Advantech WebAccess/VPN < 1.1.5 SQL Injection via NetworksController.addNetworkAction() — WebAccess/VPNCWE-89 6.5 -2025-11-06
CVE-2025-34246 Advantech WebAccess/VPN < 1.1.5 SQL Injection via AjaxPrevalidationController.ajaxAction() — WebAccess/VPNCWE-89 6.5 -2025-11-06
CVE-2025-34245 Advantech WebAccess/VPN < 1.1.5 SQL Injection via AjaxStandaloneVpnClientsController.ajaxAction() — WebAccess/VPNCWE-89 6.5 -2025-11-06
CVE-2025-34244 Advantech WebAccess/VPN < 1.1.5 SQL Injection via AjaxFwRulesController.ajaxDeviceFwRulesAction() — WebAccess/VPNCWE-89 6.5 -2025-11-06
CVE-2025-34243 Advantech WebAccess/VPN < 1.1.5 SQL Injection via AjaxFwRulesController.ajaxNetworkFwRulesAction() — WebAccess/VPNCWE-89 6.5 -2025-11-06
CVE-2025-34242 Advantech WebAccess/VPN < 1.1.5 SQL Injection via AjaxNetworkController.ajaxAction() — WebAccess/VPNCWE-89 6.5 -2025-11-06
CVE-2025-34241 Advantech WebAccess/VPN < 1.1.5 SQL Injection via AjaxDeviceController.ajaxDeviceAction() — WebAccess/VPNCWE-89 6.5 -2025-11-06
CVE-2025-34240 Advantech WebAccess/VPN < 1.1.5 SQL Injection via AppManagementController.appUpgradeAction() — WebAccess/VPNCWE-89 6.5 -2025-11-06
CVE-2025-34239 Advantech WebAccess/VPN < 1.1.5 Command Injection in AppManagementController.appUpgradeAction() — WebAccess/VPNCWE-78 7.2 -2025-11-06
CVE-2025-34238 Advantech WebAccess/VPN < 1.1.5 Path Traversal via AjaxStandaloneVpnClientsController.ajaxDownloadRoadWarriorConfigFileAction() — WebAccess/VPNCWE-22 4.9 -2025-11-06
CVE-2025-34237 Advantech WebAccess/VPN < 1.1.5 Stored XSS via StandaloneVpnClientsController.addStandaloneVpnClientAction() — WebAccess/VPNCWE-79 5.4 -2025-11-06
CVE-2025-34236 Advantech WebAccess/VPN < 1.1.5 Stored XSS via NetworksController.addNetworkAction() — WebAccess/VPNCWE-79 5.4 -2025-11-06

This page lists every published CVE security advisory associated with Advantech. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.