OpenCVE

If an attacker can trick an authenticated user into loading a maliciously crafted .zip file onto Advantech WebAccess version 8.4.5, a web shell could be used to give the attacker full control of the SCADA server.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Advantech	Webaccess

Configuration 1 [-]

cpe:2.3:a:advantech:webaccess:8.4.5:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://www.cisa.gov/news-events/ics-advisories/icsa-23-150-01

History

No history.

MITRE

Status: PUBLISHED

Assigner: icscert

Published: 2023-06-07T20:12:46.824Z

Updated: 2024-08-02T06:33:06.094Z

Reserved: 2023-05-24T14:09:39.667Z

Link: CVE-2023-2866

Vulnrichment

No data.

NVD

Status : Modified

Published: 2023-06-07T21:15:13.277

Modified: 2024-11-21T07:59:27.240

Link: CVE-2023-2866

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-2866", "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "state": "PUBLISHED", "assignerShortName": "icscert", "dateReserved": "2023-05-24T14:09:39.667Z", "datePublished": "2023-06-07T20:12:46.824Z", "dateUpdated": "2024-08-02T06:33:06.094Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "WebAccess/SCADA", "vendor": "Advantech", "versions": [{"status": "affected", "version": "8.4.5"}]}], "credits": [{"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "Marlon Luis Petry reported this vulnerability to CISA."}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "\n\n<span style=\"background-color: rgb(255, 255, 255);\">If an attacker can trick an authenticated user into loading a maliciously crafted .zip file onto Advantech WebAccess version 8.4.5, a web shell could be used to give the attacker full control of the SCADA server. </span>\n\n"}], "value": "\nIf an attacker can trick an authenticated user into loading a maliciously crafted .zip file onto Advantech WebAccess version 8.4.5, a web shell could be used to give the attacker full control of the SCADA server. \n\n"}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-351", "description": "CWE-351 Insufficient Type Distinction", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "shortName": "icscert", "dateUpdated": "2023-06-07T20:12:46.824Z"}, "references": [{"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-150-01"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "\n\n<span style=\"background-color: rgb(255, 255, 255);\">Advantech released a new </span><a target=\"_blank\" rel=\"nofollow\" href=\"https://www.advantech.com/en/support/details/installation?id=1-MS9MJV\">version V9.1.4</a><span style=\"background-color: rgb(255, 255, 255);\"> to address the problem by not including these files.</span>\n\n<br>"}], "value": "\nAdvantech released a new version V9.1.4 https://www.advantech.com/en/support/details/installation \u00a0to address the problem by not including these files.\n\n\n"}], "source": {"discovery": "EXTERNAL"}, "title": "Advantech WebAccess Insufficient Type Distinction", "workarounds": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "\n<p>Advantech recommends users locate and delete the \u201cWADashboardSetup.msi\u201d file to avoid this issue.</p><p>If\n users wish to remedy this problem in version 8.4.5, they can uninstall \n\"WebAccess Dashboard\" from the control panel. Delete all the files:</p><p>\\Inetpub\\wwwroot\\broadweb\\WADashboard</p><p>\\WebAccess\\Node\\WADashboardSetup.msi</p>\n\n<br>"}], "value": "Advantech recommends users locate and delete the \u201cWADashboardSetup.msi\u201d file to avoid this issue.\n\nIf\n users wish to remedy this problem in version 8.4.5, they can uninstall \n\"WebAccess Dashboard\" from the control panel. Delete all the files:\n\n\\Inetpub\\wwwroot\\broadweb\\WADashboard\n\n\\WebAccess\\Node\\WADashboardSetup.msi\n\n\n\n\n"}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T06:33:06.094Z"}, "title": "CVE Program Container", "references": [{"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-150-01", "tags": ["x_transferred"]}]}]}}