CISA has published an advisory on SQL injection, path traversal, command injection, improper input validation, missing authentication for critical function, and improper access control vulnerabilities in Advantech iView. iView Versions 5.6 and prior are affected. Successful exploitation of these vulnerabilities could allow an attacker to read/modify information, execute arbitrary code, limit system availability, and/or crash the application. Advantech has released version 5.7 of iView to address the reported vulnerabilities. CISA also recommends a series of measures to mitigate the vulnerabilities. Access the advisory at CISA.
You are here
Related Resources
Jan 16, 2025 in Cybersecurity, in OT-ICS Security, in Security Preparedness
Jan 16, 2025 in Cybersecurity, in OT-ICS Security, in Federal & State Resources
Jan 16, 2025 in Cybersecurity, in Federal & State Resources, in Security Preparedness