Details of VAR-202005-0337

ID

VAR-202005-0337

CVE

CVE-2020-12014

TITLE

Advantech WebAccess Node SQL injection vulnerability

Trust: 1.2

sources: CNVD: CNVD-2020-29741 // CNNVD: CNNVD-202005-299

DESCRIPTION

Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. Input is not properly sanitized and may allow an attacker to inject SQL commands. Advantech WebAccess Node To SQL An injection vulnerability exists.Information may be obtained. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Advantech WebAccess/SCADA. Authentication is not required to exploit this vulnerability.The specific flaw exists within the implementation of IOCTL 0x00013c71 in BwWebSvc.dll. The issue results from the lack of proper validation of a user-supplied string before using it to construct SQL queries. An attacker can leverage this vulnerability to disclose stored credentials, leading to further compromise. Advantech WebAccess is a browser-based SCADA software package for monitoring, data acquisition, and visualization. It is used to automate complex industrial processes when remote operation is required. The vulnerability is caused by the program not properly sanitizing user input

Trust: 4.59

sources: NVD: CVE-2020-12014 // JVNDB: JVNDB-2020-005144 // ZDI: ZDI-20-615 // ZDI: ZDI-20-613 // ZDI: ZDI-20-614 // CNVD: CNVD-2020-29741 // IVD: c69f120f-13c6-4366-bc67-15c6b3fa728e // IVD: dc75839d-760d-4e08-87b4-f1096616019c // VULHUB: VHN-164650 // VULMON: CVE-2020-12014

IOT TAXONOMY

category:

['ICS']

sub_category:

Trust: 1.0

sources: IVD: c69f120f-13c6-4366-bc67-15c6b3fa728e // IVD: dc75839d-760d-4e08-87b4-f1096616019c // CNVD: CNVD-2020-29741

AFFECTED PRODUCTS

vendor:	advantech	model:	webaccess/scada	scope:	-	version:	-	Trust: 2.1
vendor:	advantech	model:	webaccess	scope:	eq	version:	9.0.0	Trust: 1.9
vendor:	advantech	model:	webaccess	scope:	lte	version:	8.4.4	Trust: 1.0
vendor:	advantech	model:	webaccess	scope:	eq	version:	8.4.4	Trust: 0.9
vendor:	advantech	model:	webaccess node	scope:	gte	version:	8.4.4	Trust: 0.6
vendor:	advantech	model:	webaccess node	scope:	eq	version:	9.0.0	Trust: 0.6
vendor:	webaccess	model:	-	scope:	eq	version:	*	Trust: 0.4
vendor:	webaccess	model:	-	scope:	eq	version:	9.0.0	Trust: 0.4

sources: IVD: c69f120f-13c6-4366-bc67-15c6b3fa728e // IVD: dc75839d-760d-4e08-87b4-f1096616019c // ZDI: ZDI-20-615 // ZDI: ZDI-20-613 // ZDI: ZDI-20-614 // CNVD: CNVD-2020-29741 // VULMON: CVE-2020-12014 // JVNDB: JVNDB-2020-005144 // NVD: CVE-2020-12014

CVSS

SEVERITY

CVSSV2

CVSSV3

ZDI:	CVE-2020-12014
value:	HIGH
Trust: 2.1
nvd@nist.gov:	CVE-2020-12014
value:	HIGH
Trust: 1.0
NVD:	JVNDB-2020-005144
value:	HIGH
Trust: 0.8
CNVD:	CNVD-2020-29741
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-202005-299
value:	HIGH
Trust: 0.6
IVD:	c69f120f-13c6-4366-bc67-15c6b3fa728e
value:	HIGH
Trust: 0.2
IVD:	dc75839d-760d-4e08-87b4-f1096616019c
value:	HIGH
Trust: 0.2
VULHUB:	VHN-164650
value:	MEDIUM
Trust: 0.1
VULMON:	CVE-2020-12014
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2020-12014
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.1
NVD:	JVNDB-2020-005144
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	NONE
impactScore:	NONE
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.8
CNVD:	CNVD-2020-29741
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
IVD:	c69f120f-13c6-4366-bc67-15c6b3fa728e
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.9 [IVD]
Trust: 0.2
IVD:	dc75839d-760d-4e08-87b4-f1096616019c
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.9 [IVD]
Trust: 0.2
VULHUB:	VHN-164650
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

ZDI:	CVE-2020-12014
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	3.9
impactScore:	3.6
version:	3.0
Trust: 2.1
nvd@nist.gov:	CVE-2020-12014
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	3.9
impactScore:	3.6
version:	3.1
Trust: 1.0
NVD:	JVNDB-2020-005144
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: IVD: c69f120f-13c6-4366-bc67-15c6b3fa728e // IVD: dc75839d-760d-4e08-87b4-f1096616019c // ZDI: ZDI-20-615 // ZDI: ZDI-20-613 // ZDI: ZDI-20-614 // CNVD: CNVD-2020-29741 // VULHUB: VHN-164650 // VULMON: CVE-2020-12014 // JVNDB: JVNDB-2020-005144 // CNNVD: CNNVD-202005-299 // NVD: CVE-2020-12014

PROBLEMTYPE DATA

problemtype:

CWE-89

Trust: 1.9

sources: VULHUB: VHN-164650 // JVNDB: JVNDB-2020-005144 // NVD: CVE-2020-12014

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202005-299

TYPE

SQL injection

Trust: 1.0

sources: IVD: c69f120f-13c6-4366-bc67-15c6b3fa728e // IVD: dc75839d-760d-4e08-87b4-f1096616019c // CNNVD: CNNVD-202005-299

CONFIGURATIONS

sources: JVNDB: JVNDB-2020-005144

PATCH

title:	Advantech has issued an update to correct this vulnerability.	url:	https://www.us-cert.gov/ics/advisories/icsa-20-128-36	Trust: 2.1
title:	Top Page	url:	https://www.advantech.com/	Trust: 0.8
title:	Patch for Advantech WebAccess Node SQL injection vulnerability	url:	https://www.cnvd.org.cn/patchInfo/show/218849	Trust: 0.6
title:	Advantech WebAccess Node SQL Repair measures for injecting vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=118218	Trust: 0.6

sources: ZDI: ZDI-20-615 // ZDI: ZDI-20-613 // ZDI: ZDI-20-614 // CNVD: CNVD-2020-29741 // JVNDB: JVNDB-2020-005144 // CNNVD: CNNVD-202005-299

EXTERNAL IDS

db:	NVD	id:	CVE-2020-12014	Trust: 5.7
db:	ICS CERT	id:	ICSA-20-128-01	Trust: 3.2
db:	ZDI	id:	ZDI-20-613	Trust: 2.5
db:	ZDI	id:	ZDI-20-615	Trust: 1.4
db:	CNVD	id:	CNVD-2020-29741	Trust: 1.1
db:	CNNVD	id:	CNNVD-202005-299	Trust: 1.1
db:	ZDI	id:	ZDI-20-614	Trust: 0.8
db:	JVN	id:	JVNVU93292753	Trust: 0.8
db:	JVNDB	id:	JVNDB-2020-005144	Trust: 0.8
db:	ZDI_CAN	id:	ZDI-CAN-9884	Trust: 0.7
db:	ZDI_CAN	id:	ZDI-CAN-9882	Trust: 0.7
db:	ZDI_CAN	id:	ZDI-CAN-9883	Trust: 0.7
db:	AUSCERT	id:	ESB-2020.1646	Trust: 0.6
db:	NSFOCUS	id:	47352	Trust: 0.6
db:	IVD	id:	C69F120F-13C6-4366-BC67-15C6B3FA728E	Trust: 0.2
db:	IVD	id:	DC75839D-760D-4E08-87B4-F1096616019C	Trust: 0.2
db:	VULHUB	id:	VHN-164650	Trust: 0.1
db:	VULMON	id:	CVE-2020-12014	Trust: 0.1

sources: IVD: c69f120f-13c6-4366-bc67-15c6b3fa728e // IVD: dc75839d-760d-4e08-87b4-f1096616019c // ZDI: ZDI-20-615 // ZDI: ZDI-20-613 // ZDI: ZDI-20-614 // CNVD: CNVD-2020-29741 // VULHUB: VHN-164650 // VULMON: CVE-2020-12014 // JVNDB: JVNDB-2020-005144 // CNNVD: CNNVD-202005-299 // NVD: CVE-2020-12014

REFERENCES

url:	https://www.us-cert.gov/ics/advisories/icsa-20-128-01	Trust: 3.8
url:	https://www.us-cert.gov/ics/advisories/icsa-20-128-36	Trust: 2.1
url:	https://www.zerodayinitiative.com/advisories/zdi-20-613/	Trust: 1.8
url:	https://nvd.nist.gov/vuln/detail/cve-2020-12014	Trust: 1.4
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-12014	Trust: 0.8
url:	https://jvn.jp/vu/jvnvu93292753/	Trust: 0.8
url:	https://www.zerodayinitiative.com/advisories/zdi-20-615/	Trust: 0.7
url:	https://www.auscert.org.au/bulletins/esb-2020.1646/	Trust: 0.6
url:	http://www.nsfocus.net/vulndb/47352	Trust: 0.6
url:	https://www.zerodayinitiative.com/advisories/zdi-20-614/	Trust: 0.1
url:	https://cwe.mitre.org/data/definitions/89.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	https://exchange.xforce.ibmcloud.com/vulnerabilities/181600	Trust: 0.1

sources: ZDI: ZDI-20-615 // ZDI: ZDI-20-613 // ZDI: ZDI-20-614 // CNVD: CNVD-2020-29741 // VULHUB: VHN-164650 // VULMON: CVE-2020-12014 // JVNDB: JVNDB-2020-005144 // CNNVD: CNNVD-202005-299 // NVD: CVE-2020-12014

CREDITS

Z0mb1E

Trust: 2.1

sources: ZDI: ZDI-20-615 // ZDI: ZDI-20-613 // ZDI: ZDI-20-614

SOURCES

db:	IVD	id:	c69f120f-13c6-4366-bc67-15c6b3fa728e
db:	IVD	id:	dc75839d-760d-4e08-87b4-f1096616019c
db:	ZDI	id:	ZDI-20-615
db:	ZDI	id:	ZDI-20-613
db:	ZDI	id:	ZDI-20-614
db:	CNVD	id:	CNVD-2020-29741
db:	VULHUB	id:	VHN-164650
db:	VULMON	id:	CVE-2020-12014
db:	JVNDB	id:	JVNDB-2020-005144
db:	CNNVD	id:	CNNVD-202005-299
db:	NVD	id:	CVE-2020-12014

LAST UPDATE DATE

2024-08-14T13:24:34.719000+00:00

SOURCES UPDATE DATE

db:	ZDI	id:	ZDI-20-615	date:	2020-05-08T00:00:00
db:	ZDI	id:	ZDI-20-613	date:	2020-05-08T00:00:00
db:	ZDI	id:	ZDI-20-614	date:	2020-05-08T00:00:00
db:	CNVD	id:	CNVD-2020-29741	date:	2020-05-25T00:00:00
db:	VULHUB	id:	VHN-164650	date:	2020-05-11T00:00:00
db:	VULMON	id:	CVE-2020-12014	date:	2020-05-11T00:00:00
db:	JVNDB	id:	JVNDB-2020-005144	date:	2020-06-08T00:00:00
db:	CNNVD	id:	CNNVD-202005-299	date:	2020-12-31T00:00:00
db:	NVD	id:	CVE-2020-12014	date:	2020-05-11T21:01:03.177

SOURCES RELEASE DATE

db:	IVD	id:	c69f120f-13c6-4366-bc67-15c6b3fa728e	date:	2020-05-07T00:00:00
db:	IVD	id:	dc75839d-760d-4e08-87b4-f1096616019c	date:	2020-05-07T00:00:00
db:	ZDI	id:	ZDI-20-615	date:	2020-05-08T00:00:00
db:	ZDI	id:	ZDI-20-613	date:	2020-05-08T00:00:00
db:	ZDI	id:	ZDI-20-614	date:	2020-05-08T00:00:00
db:	CNVD	id:	CNVD-2020-29741	date:	2020-05-25T00:00:00
db:	VULHUB	id:	VHN-164650	date:	2020-05-08T00:00:00
db:	VULMON	id:	CVE-2020-12014	date:	2020-05-08T00:00:00
db:	JVNDB	id:	JVNDB-2020-005144	date:	2020-06-08T00:00:00
db:	CNNVD	id:	CNNVD-202005-299	date:	2020-05-07T00:00:00
db:	NVD	id:	CVE-2020-12014	date:	2020-05-08T12:15:11.253