Details of VAR-202102-0023

ID

VAR-202102-0023

CVE

CVE-2020-13553

TITLE

Advantech WebAccess/SCADA Vulnerability in privilege management

Trust: 0.8

sources: JVNDB: JVNDB-2020-016181

DESCRIPTION

An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation. In webvrpcs Run Key Privilege Escalation in installation folder of WebAccess, an attacker can either replace binary or loaded modules to execute code with NT SYSTEM privilege. Advantech WebAccess/SCADA Contains a privilege management vulnerability.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. Advantech WebAccess/SCADA is a set of SCADA software based on browser architecture of Advantech. The software supports dynamic graphic display and real-time data control, and provides functions for remote control and management of automation equipment

Trust: 2.25

sources: NVD: CVE-2020-13553 // JVNDB: JVNDB-2020-016181 // CNVD: CNVD-2021-11306 // VULHUB: VHN-166343

IOT TAXONOMY

category:

['ICS']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2021-11306

AFFECTED PRODUCTS

vendor:	advantech	model:	webaccess\/scada	scope:	eq	version:	9.0.1	Trust: 1.0
vendor:	アドバンテック株式会社	model:	webaccess/scada	scope:	eq	version:	9.0.1	Trust: 0.8
vendor:	アドバンテック株式会社	model:	webaccess/scada	scope:	eq	version:	-	Trust: 0.8
vendor:	advantech	model:	webaccess/scada	scope:	eq	version:	9.0.1	Trust: 0.6

sources: CNVD: CNVD-2021-11306 // JVNDB: JVNDB-2020-016181 // NVD: CVE-2020-13553

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2020-13553
value:	HIGH
Trust: 1.0
talos-cna@cisco.com:	CVE-2020-13553
value:	HIGH
Trust: 1.0
NVD:	CVE-2020-13553
value:	HIGH
Trust: 0.8
CNVD:	CNVD-2021-11306
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-202102-1260
value:	HIGH
Trust: 0.6
VULHUB:	VHN-166343
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2020-13553
severity:	HIGH
baseScore:	7.2
vectorString:	AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2021-11306
severity:	HIGH
baseScore:	7.2
vectorString:	AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
VULHUB:	VHN-166343
severity:	HIGH
baseScore:	7.2
vectorString:	AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

talos-cna@cisco.com:	CVE-2020-13553
baseSeverity:	HIGH
baseScore:	8.8
vectorString:	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	CHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	2.0
impactScore:	6.0
version:	3.0
Trust: 1.8
nvd@nist.gov:	CVE-2020-13553
baseSeverity:	HIGH
baseScore:	8.8
vectorString:	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	CHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	2.0
impactScore:	6.0
version:	3.1
Trust: 1.0

sources: CNVD: CNVD-2021-11306 // VULHUB: VHN-166343 // JVNDB: JVNDB-2020-016181 // CNNVD: CNNVD-202102-1260 // NVD: CVE-2020-13553 // NVD: CVE-2020-13553

PROBLEMTYPE DATA

problemtype:	CWE-276	Trust: 1.1
problemtype:	Improper authority management (CWE-269) [NVD Evaluation ]	Trust: 0.8
problemtype:	CWE-269	Trust: 0.1

sources: VULHUB: VHN-166343 // JVNDB: JVNDB-2020-016181 // NVD: CVE-2020-13553

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202102-1260

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202102-1260

PATCH

title:	WebAccess/SCADA	url:	https://www.advantech.com/industrial-automation/webaccess/webaccessscada	Trust: 0.8
title:	Advantech WebAccess/SCADA Security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=142127	Trust: 0.6

sources: JVNDB: JVNDB-2020-016181 // CNNVD: CNNVD-202102-1260

EXTERNAL IDS

db:	NVD	id:	CVE-2020-13553	Trust: 3.1
db:	TALOS	id:	TALOS-2020-1169	Trust: 3.1
db:	JVNDB	id:	JVNDB-2020-016181	Trust: 0.8
db:	CNVD	id:	CNVD-2021-11306	Trust: 0.6
db:	CNNVD	id:	CNNVD-202102-1260	Trust: 0.6
db:	VULHUB	id:	VHN-166343	Trust: 0.1

sources: CNVD: CNVD-2021-11306 // VULHUB: VHN-166343 // JVNDB: JVNDB-2020-016181 // CNNVD: CNNVD-202102-1260 // NVD: CVE-2020-13553

REFERENCES

url:	https://talosintelligence.com/vulnerability_reports/talos-2020-1169	Trust: 3.1
url:	https://nvd.nist.gov/vuln/detail/cve-2020-13553	Trust: 1.4

sources: CNVD: CNVD-2021-11306 // VULHUB: VHN-166343 // JVNDB: JVNDB-2020-016181 // CNNVD: CNNVD-202102-1260 // NVD: CVE-2020-13553

CREDITS

Discovered by Yuri Kramarz of Cisco Talos.

Trust: 0.6

sources: CNNVD: CNNVD-202102-1260

SOURCES

db:	CNVD	id:	CNVD-2021-11306
db:	VULHUB	id:	VHN-166343
db:	JVNDB	id:	JVNDB-2020-016181
db:	CNNVD	id:	CNNVD-202102-1260
db:	NVD	id:	CVE-2020-13553

LAST UPDATE DATE

2024-08-14T13:54:15.988000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2021-11306	date:	2021-02-22T00:00:00
db:	VULHUB	id:	VHN-166343	date:	2022-06-29T00:00:00
db:	JVNDB	id:	JVNDB-2020-016181	date:	2021-11-12T01:08:00
db:	CNNVD	id:	CNNVD-202102-1260	date:	2022-04-20T00:00:00
db:	NVD	id:	CVE-2020-13553	date:	2022-06-29T20:31:58.677

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2021-11306	date:	2021-02-22T00:00:00
db:	VULHUB	id:	VHN-166343	date:	2021-02-17T00:00:00
db:	JVNDB	id:	JVNDB-2020-016181	date:	2021-11-12T00:00:00
db:	CNNVD	id:	CNNVD-202102-1260	date:	2021-02-16T00:00:00
db:	NVD	id:	CVE-2020-13553	date:	2021-02-17T19:15:12.510