You are here

Advantech WebAccess Node (ICSA-20-128-01) – Products Used in the Water and Wastewater and Energy Sectors

Advantech WebAccess Node (ICSA-20-128-01) – Products Used in the Water and Wastewater and Energy Sectors

Created: Thursday, May 7, 2020 - 13:45
Categories:
Cybersecurity

CISA has published an advisory on improper validation of array index, relative path traversal, SQL injection, stack-based buffer overflow, heap-based buffer overflow, and out-of-bounds read vulnerabilities in Advantech WebAccess Node. Versions 9.0.0 and 8.4.4 and prior are affected. Successful exploitation of these vulnerabilities may allow information disclosure, remote code execution, and compromise system availability. Advantech has released updated versions of the affected products to address the vulnerabilities. CISA also recommends a series of measures to mitigate the vulnerabilities. Read the advisory at CISA.