Details of VAR-202102-0022

ID

VAR-202102-0022

CVE

CVE-2020-13552

TITLE

Advantech WebAccess/SCADA Vulnerability in privilege management

Trust: 0.8

sources: JVNDB: JVNDB-2020-016182

DESCRIPTION

An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation. In privilege escalation via multiple service executables in installation folder of WebAccess, an attacker can either replace binary or loaded modules to execute code with NT SYSTEM privilege. Advantech WebAccess/SCADA Contains a privilege management vulnerability.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. Advantech WebAccess/SCADA is a set of SCADA software based on browser architecture of Advantech. The software supports dynamic graphic display and real-time data control, and provides functions for remote control and management of automation equipment

Trust: 2.25

sources: NVD: CVE-2020-13552 // JVNDB: JVNDB-2020-016182 // CNVD: CNVD-2021-11305 // VULHUB: VHN-166342

IOT TAXONOMY

category:

['ICS']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2021-11305

AFFECTED PRODUCTS

vendor:	advantech	model:	webaccess\/scada	scope:	eq	version:	9.0.1	Trust: 1.0
vendor:	アドバンテック株式会社	model:	webaccess/scada	scope:	eq	version:	9.0.1	Trust: 0.8
vendor:	アドバンテック株式会社	model:	webaccess/scada	scope:	eq	version:	-	Trust: 0.8
vendor:	advantech	model:	webaccess/scada	scope:	eq	version:	9.0.1	Trust: 0.6

sources: CNVD: CNVD-2021-11305 // JVNDB: JVNDB-2020-016182 // NVD: CVE-2020-13552

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2020-13552
value:	HIGH
Trust: 1.0
talos-cna@cisco.com:	CVE-2020-13552
value:	HIGH
Trust: 1.0
NVD:	CVE-2020-13552
value:	HIGH
Trust: 0.8
CNVD:	CNVD-2021-11305
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-202102-1259
value:	HIGH
Trust: 0.6
VULHUB:	VHN-166342
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2020-13552
severity:	HIGH
baseScore:	7.2
vectorString:	AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2021-11305
severity:	HIGH
baseScore:	7.2
vectorString:	AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
VULHUB:	VHN-166342
severity:	HIGH
baseScore:	7.2
vectorString:	AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

talos-cna@cisco.com:	CVE-2020-13552
baseSeverity:	HIGH
baseScore:	8.8
vectorString:	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	CHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	2.0
impactScore:	6.0
version:	3.0
Trust: 1.8
nvd@nist.gov:	CVE-2020-13552
baseSeverity:	HIGH
baseScore:	8.8
vectorString:	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	CHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	2.0
impactScore:	6.0
version:	3.1
Trust: 1.0

sources: CNVD: CNVD-2021-11305 // VULHUB: VHN-166342 // JVNDB: JVNDB-2020-016182 // CNNVD: CNNVD-202102-1259 // NVD: CVE-2020-13552 // NVD: CVE-2020-13552

PROBLEMTYPE DATA

problemtype:	CWE-276	Trust: 1.1
problemtype:	Improper authority management (CWE-269) [NVD Evaluation ]	Trust: 0.8
problemtype:	CWE-269	Trust: 0.1

sources: VULHUB: VHN-166342 // JVNDB: JVNDB-2020-016182 // NVD: CVE-2020-13552

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202102-1259

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202102-1259

PATCH

title:	WebAccess/SCADA	url:	https://www.advantech.com/industrial-automation/webaccess/webaccessscada	Trust: 0.8
title:	Advantech WebAccess/SCADA Security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=142126	Trust: 0.6

sources: JVNDB: JVNDB-2020-016182 // CNNVD: CNNVD-202102-1259

EXTERNAL IDS

db:	TALOS	id:	TALOS-2020-1169	Trust: 3.1
db:	NVD	id:	CVE-2020-13552	Trust: 3.1
db:	JVNDB	id:	JVNDB-2020-016182	Trust: 0.8
db:	CNVD	id:	CNVD-2021-11305	Trust: 0.6
db:	CNNVD	id:	CNNVD-202102-1259	Trust: 0.6
db:	VULHUB	id:	VHN-166342	Trust: 0.1

sources: CNVD: CNVD-2021-11305 // VULHUB: VHN-166342 // JVNDB: JVNDB-2020-016182 // CNNVD: CNNVD-202102-1259 // NVD: CVE-2020-13552

REFERENCES

url:	https://talosintelligence.com/vulnerability_reports/talos-2020-1169	Trust: 3.1
url:	https://nvd.nist.gov/vuln/detail/cve-2020-13552	Trust: 1.4

sources: CNVD: CNVD-2021-11305 // VULHUB: VHN-166342 // JVNDB: JVNDB-2020-016182 // CNNVD: CNNVD-202102-1259 // NVD: CVE-2020-13552

CREDITS

Discovered by Yuri Kramarz of Cisco Talos.

Trust: 0.6

sources: CNNVD: CNNVD-202102-1259

SOURCES

db:	CNVD	id:	CNVD-2021-11305
db:	VULHUB	id:	VHN-166342
db:	JVNDB	id:	JVNDB-2020-016182
db:	CNNVD	id:	CNNVD-202102-1259
db:	NVD	id:	CVE-2020-13552

LAST UPDATE DATE

2024-08-14T13:54:15.923000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2021-11305	date:	2021-02-22T00:00:00
db:	VULHUB	id:	VHN-166342	date:	2022-06-29T00:00:00
db:	JVNDB	id:	JVNDB-2020-016182	date:	2021-11-12T01:22:00
db:	CNNVD	id:	CNNVD-202102-1259	date:	2022-04-20T00:00:00
db:	NVD	id:	CVE-2020-13552	date:	2022-06-29T20:32:21.653

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2021-11305	date:	2021-02-22T00:00:00
db:	VULHUB	id:	VHN-166342	date:	2021-02-17T00:00:00
db:	JVNDB	id:	JVNDB-2020-016182	date:	2021-11-12T00:00:00
db:	CNNVD	id:	CNNVD-202102-1259	date:	2021-02-16T00:00:00
db:	NVD	id:	CVE-2020-13552	date:	2021-02-17T19:15:12.450