ID
VAR-202005-0335
CVE
CVE-2020-12006
TITLE
Advantech WebAccess Node Past Traversal Vulnerability in
Trust: 0.8
sources:
JVNDB: JVNDB-2020-005162
DESCRIPTION
Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. Multiple relative path traversal vulnerabilities exist that may allow a low privilege user to overwrite files outside the application’s control. Advantech WebAccess Node Exists in a past traversal vulnerability.Information is tampered with and service operation is interrupted (DoS) It may be put into a state. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Advantech WebAccess/SCADA. Authentication is not required to exploit this vulnerability.The specific flaw exists within the implementation of IOCTL 0x0000791e in DATACORE.exe. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code in the context of Administrator. Advantech WebAccess is a browser-based SCADA software package for monitoring, data acquisition, and visualization. It is used to automate complex industrial processes when remote operation is required. Advantech WebAccess Node could allow a remote malicious user to traverse directories on the system, caused by improper validation of user request. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to overwrite arbitrary files on the system
Trust: 4.59
sources:
NVD: CVE-2020-12006 //
JVNDB: JVNDB-2020-005162 //
ZDI: ZDI-20-595 //
ZDI: ZDI-20-589 //
ZDI: ZDI-20-605 //
CNVD: CNVD-2020-29743 //
IVD: ec7b8103-b626-4a4f-985f-bd5bdbb95287 //
IVD: 2d8fc349-4a01-4fa6-8792-ddceae01196f //
VULHUB: VHN-164641 //
VULMON: CVE-2020-12006
IOT TAXONOMY
| category: | ['ICS'] | sub_category: | - | Trust: 1.0 |
sources:
IVD: ec7b8103-b626-4a4f-985f-bd5bdbb95287 //
IVD: 2d8fc349-4a01-4fa6-8792-ddceae01196f //
CNVD: CNVD-2020-29743
AFFECTED PRODUCTS
| vendor: | advantech | model: | webaccess/scada | scope: | - | version: | - | Trust: 2.1 |
| vendor: | advantech | model: | webaccess | scope: | eq | version: | 9.0.0 | Trust: 1.8 |
| vendor: | advantech | model: | webaccess | scope: | lte | version: | 8.4.4 | Trust: 1.0 |
| vendor: | advantech | model: | webaccess | scope: | eq | version: | 8.4.4 | Trust: 0.8 |
| vendor: | advantech | model: | webaccess node | scope: | gte | version: | 8.4.4 | Trust: 0.6 |
| vendor: | advantech | model: | webaccess node | scope: | eq | version: | 9.0.0 | Trust: 0.6 |
| vendor: | webaccess | model: | - | scope: | eq | version: | * | Trust: 0.4 |
| vendor: | webaccess | model: | - | scope: | eq | version: | 9.0.0 | Trust: 0.4 |
sources:
IVD: ec7b8103-b626-4a4f-985f-bd5bdbb95287 //
IVD: 2d8fc349-4a01-4fa6-8792-ddceae01196f //
ZDI: ZDI-20-595 //
ZDI: ZDI-20-589 //
ZDI: ZDI-20-605 //
CNVD: CNVD-2020-29743 //
JVNDB: JVNDB-2020-005162 //
NVD: CVE-2020-12006
CVSS
SEVERITY | CVSSV2 | CVSSV3 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
|
sources:
IVD: ec7b8103-b626-4a4f-985f-bd5bdbb95287 //
IVD: 2d8fc349-4a01-4fa6-8792-ddceae01196f //
ZDI: ZDI-20-595 //
ZDI: ZDI-20-589 //
ZDI: ZDI-20-605 //
CNVD: CNVD-2020-29743 //
VULHUB: VHN-164641 //
VULMON: CVE-2020-12006 //
JVNDB: JVNDB-2020-005162 //
CNNVD: CNNVD-202005-306 //
NVD: CVE-2020-12006
PROBLEMTYPE DATA
| problemtype: | CWE-22 | Trust: 1.9 |
| problemtype: | CWE-23 | Trust: 1.0 |
sources:
VULHUB: VHN-164641 //
JVNDB: JVNDB-2020-005162 //
NVD: CVE-2020-12006
THREAT TYPE
remote
Trust: 0.6
sources:
CNNVD: CNNVD-202005-306
TYPE
Path traversal
Trust: 1.0
sources:
IVD: ec7b8103-b626-4a4f-985f-bd5bdbb95287 //
IVD: 2d8fc349-4a01-4fa6-8792-ddceae01196f //
CNNVD: CNNVD-202005-306
CONFIGURATIONS
sources:
JVNDB: JVNDB-2020-005162
PATCH
| title: | Advantech has issued an update to correct this vulnerability. | url: | https://www.us-cert.gov/ics/advisories/icsa-20-128-36 | Trust: 2.1 |
| title: | Top Page | url: | https://www.advantech.com/ | Trust: 0.8 |
| title: | Patch for Advantech WebAccess Node Path Traversal Vulnerability (CNVD-2020-29743) | url: | https://www.cnvd.org.cn/patchInfo/show/218853 | Trust: 0.6 |
sources:
ZDI: ZDI-20-595 //
ZDI: ZDI-20-589 //
ZDI: ZDI-20-605 //
CNVD: CNVD-2020-29743 //
JVNDB: JVNDB-2020-005162
EXTERNAL IDS
| db: | NVD | id: | CVE-2020-12006 | Trust: 5.7 |
| db: | ICS CERT | id: | ICSA-20-128-01 | Trust: 3.2 |
| db: | ZDI | id: | ZDI-20-595 | Trust: 2.5 |
| db: | ZDI | id: | ZDI-20-589 | Trust: 2.5 |
| db: | ZDI | id: | ZDI-20-605 | Trust: 2.5 |
| db: | CNVD | id: | CNVD-2020-29743 | Trust: 1.1 |
| db: | CNNVD | id: | CNNVD-202005-306 | Trust: 1.1 |
| db: | JVN | id: | JVNVU93292753 | Trust: 0.8 |
| db: | JVNDB | id: | JVNDB-2020-005162 | Trust: 0.8 |
| db: | ZDI_CAN | id: | ZDI-CAN-9905 | Trust: 0.7 |
| db: | ZDI_CAN | id: | ZDI-CAN-9995 | Trust: 0.7 |
| db: | ZDI_CAN | id: | ZDI-CAN-9901 | Trust: 0.7 |
| db: | AUSCERT | id: | ESB-2020.1646 | Trust: 0.6 |
| db: | NSFOCUS | id: | 47349 | Trust: 0.6 |
| db: | IVD | id: | EC7B8103-B626-4A4F-985F-BD5BDBB95287 | Trust: 0.2 |
| db: | IVD | id: | 2D8FC349-4A01-4FA6-8792-DDCEAE01196F | Trust: 0.2 |
| db: | VULHUB | id: | VHN-164641 | Trust: 0.1 |
| db: | VULMON | id: | CVE-2020-12006 | Trust: 0.1 |
sources:
IVD: ec7b8103-b626-4a4f-985f-bd5bdbb95287 //
IVD: 2d8fc349-4a01-4fa6-8792-ddceae01196f //
ZDI: ZDI-20-595 //
ZDI: ZDI-20-589 //
ZDI: ZDI-20-605 //
CNVD: CNVD-2020-29743 //
VULHUB: VHN-164641 //
VULMON: CVE-2020-12006 //
JVNDB: JVNDB-2020-005162 //
CNNVD: CNNVD-202005-306 //
NVD: CVE-2020-12006
REFERENCES
| url: | https://www.us-cert.gov/ics/advisories/icsa-20-128-01 | Trust: 3.8 |
| url: | https://www.zerodayinitiative.com/advisories/zdi-20-605/ | Trust: 2.4 |
| url: | https://www.us-cert.gov/ics/advisories/icsa-20-128-36 | Trust: 2.1 |
| url: | https://www.zerodayinitiative.com/advisories/zdi-20-589/ | Trust: 1.8 |
| url: | https://www.zerodayinitiative.com/advisories/zdi-20-595/ | Trust: 1.8 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2020-12006 | Trust: 1.4 |
| url: | https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-12006 | Trust: 0.8 |
| url: | https://jvn.jp/vu/jvnvu93292753/ | Trust: 0.8 |
| url: | http://www.nsfocus.net/vulndb/47349 | Trust: 0.6 |
| url: | https://www.auscert.org.au/bulletins/esb-2020.1646/ | Trust: 0.6 |
| url: | https://cwe.mitre.org/data/definitions/22.html | Trust: 0.1 |
| url: | https://nvd.nist.gov | Trust: 0.1 |
| url: | https://exchange.xforce.ibmcloud.com/vulnerabilities/181598 | Trust: 0.1 |
sources:
ZDI: ZDI-20-595 //
ZDI: ZDI-20-589 //
ZDI: ZDI-20-605 //
CNVD: CNVD-2020-29743 //
VULHUB: VHN-164641 //
VULMON: CVE-2020-12006 //
JVNDB: JVNDB-2020-005162 //
CNNVD: CNNVD-202005-306 //
NVD: CVE-2020-12006
CREDITS
Z0mb1E
Trust: 2.1
sources:
ZDI: ZDI-20-595 //
ZDI: ZDI-20-589 //
ZDI: ZDI-20-605
SOURCES
| db: | IVD | id: | ec7b8103-b626-4a4f-985f-bd5bdbb95287 |
| db: | IVD | id: | 2d8fc349-4a01-4fa6-8792-ddceae01196f |
| db: | ZDI | id: | ZDI-20-595 |
| db: | ZDI | id: | ZDI-20-589 |
| db: | ZDI | id: | ZDI-20-605 |
| db: | CNVD | id: | CNVD-2020-29743 |
| db: | VULHUB | id: | VHN-164641 |
| db: | VULMON | id: | CVE-2020-12006 |
| db: | JVNDB | id: | JVNDB-2020-005162 |
| db: | CNNVD | id: | CNNVD-202005-306 |
| db: | NVD | id: | CVE-2020-12006 |
LAST UPDATE DATE
2024-08-14T13:24:34.661000+00:00
SOURCES UPDATE DATE
| db: | ZDI | id: | ZDI-20-595 | date: | 2020-05-08T00:00:00 |
| db: | ZDI | id: | ZDI-20-589 | date: | 2020-05-08T00:00:00 |
| db: | ZDI | id: | ZDI-20-605 | date: | 2020-05-08T00:00:00 |
| db: | CNVD | id: | CNVD-2020-29743 | date: | 2020-05-25T00:00:00 |
| db: | VULHUB | id: | VHN-164641 | date: | 2021-09-23T00:00:00 |
| db: | VULMON | id: | CVE-2020-12006 | date: | 2020-05-12T00:00:00 |
| db: | JVNDB | id: | JVNDB-2020-005162 | date: | 2020-06-08T00:00:00 |
| db: | CNNVD | id: | CNNVD-202005-306 | date: | 2021-01-04T00:00:00 |
| db: | NVD | id: | CVE-2020-12006 | date: | 2021-09-23T13:42:07.627 |
SOURCES RELEASE DATE
| db: | IVD | id: | ec7b8103-b626-4a4f-985f-bd5bdbb95287 | date: | 2020-05-07T00:00:00 |
| db: | IVD | id: | 2d8fc349-4a01-4fa6-8792-ddceae01196f | date: | 2020-05-07T00:00:00 |
| db: | ZDI | id: | ZDI-20-595 | date: | 2020-05-08T00:00:00 |
| db: | ZDI | id: | ZDI-20-589 | date: | 2020-05-08T00:00:00 |
| db: | ZDI | id: | ZDI-20-605 | date: | 2020-05-08T00:00:00 |
| db: | CNVD | id: | CNVD-2020-29743 | date: | 2020-05-25T00:00:00 |
| db: | VULHUB | id: | VHN-164641 | date: | 2020-05-08T00:00:00 |
| db: | VULMON | id: | CVE-2020-12006 | date: | 2020-05-08T00:00:00 |
| db: | JVNDB | id: | JVNDB-2020-005162 | date: | 2020-06-08T00:00:00 |
| db: | CNNVD | id: | CNNVD-202005-306 | date: | 2020-05-07T00:00:00 |
| db: | NVD | id: | CVE-2020-12006 | date: | 2020-05-08T12:15:11.160 |