CVE-2021-22652

EPSS 36.8%CWE-306

Access to the Advantech iView versions prior to v5.7.03.6112 configuration are missing authentication, which may allow an unauthorized attacker to change the configuration and obtain code execution.

Produtos afetados

n/a · Advantech iView

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

http://packetstormsecurity.com/files/161937/Advantech-iView-Unauthenticated-Remote-Code-Execution.html https://us-cert.cisa.gov/ics/advisories/icsa-21-040-02