Sign-up

ID

VAR-202102-0294


CVE

CVE-2020-25161


TITLE

Advantech Made WebAccess/SCADA Filename and pathname external control vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2020-009106

DESCRIPTION

The WADashboard component of WebAccess/SCADA Versions 9.0 and prior may allow an attacker to control or influence a path used in an operation on the filesystem and remotely execute code as an administrator. Advantech Provided by the company WebAccess/SCADA Is browser-based SCADA It is a software package. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess/SCADA. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.The specific flaw exists within the WADashboard component. An attacker can leverage this vulnerability to execute code in the context of Administrator. Advantech WebAccess/SCADA is a set of SCADA software based on browser architecture. The software supports dynamic graphic display and real-time data control, and provides functions of remote control and management of automation equipment. There are security vulnerabilities in WebAccess/SCADA WADashboard version 9.0 and earlier versions

Trust: 2.97

sources: NVD: CVE-2020-25161 // JVNDB: JVNDB-2020-009106 // ZDI: ZDI-20-1261 // CNVD: CNVD-2021-11309 // VULHUB: VHN-179112 // VULMON: CVE-2020-25161

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2021-11309

AFFECTED PRODUCTS

vendor:advantechmodel:webaccess\/scadascope:ltversion:9.0.1

Trust: 1.0

vendor:advantechmodel:webaccess/scadascope:eqversion:version 9.0

Trust: 0.8

vendor:advantechmodel:webaccess/scadascope: - version: -

Trust: 0.7

vendor:advantechmodel:webaccess/scadascope:lteversion:<=9.0

Trust: 0.6

sources: ZDI: ZDI-20-1261 // CNVD: CNVD-2021-11309 // JVNDB: JVNDB-2020-009106 // NVD: CVE-2020-25161

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2020-25161
value: HIGH

Trust: 1.0

IPA: JVNDB-2020-009106
value: HIGH

Trust: 0.8

ZDI: CVE-2020-25161
value: HIGH

Trust: 0.7

CNVD: CNVD-2021-11309
value: HIGH

Trust: 0.6

CNNVD: CNNVD-202010-700
value: HIGH

Trust: 0.6

VULHUB: VHN-179112
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2020-25161
severity: MEDIUM
baseScore: 6.5
vectorString: AV:N/AC:L/AU:S/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

CNVD: CNVD-2021-11309
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

VULHUB: VHN-179112
severity: MEDIUM
baseScore: 6.5
vectorString: AV:N/AC:L/AU:S/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2020-25161
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 5.9
version: 3.1

Trust: 1.0

IPA score: JVNDB-2020-009106
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

ZDI: CVE-2020-25161
baseSeverity: HIGH
baseScore: 8.8
vectorString: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 5.9
version: 3.0

Trust: 0.7

sources: ZDI: ZDI-20-1261 // CNVD: CNVD-2021-11309 // VULHUB: VHN-179112 // JVNDB: JVNDB-2020-009106 // CNNVD: CNNVD-202010-700 // NVD: CVE-2020-25161

PROBLEMTYPE DATA

problemtype:CWE-610

Trust: 1.1

problemtype:CWE-73

Trust: 1.0

sources: VULHUB: VHN-179112 // NVD: CVE-2020-25161

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202010-700

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202010-700

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2020-009106

PATCH
title:WebAccess/SCADA Release Notesurl:https://www.advantech.com/support/details/manual?id=1-1J6QG9J
Trust: 0.8
title:Advantech has issued an update to correct this vulnerability.url:https://us-cert.cisa.gov/ics/advisories/icsa-20-289-01
Trust: 0.7
title:Patch for Advantech WebAccess/SCADA path manipulation code execution vulnerabilityurl:https://www.cnvd.org.cn/patchInfo/show/248501
Trust: 0.6
sources:
            
            
            ZDI: ZDI-20-1261 // 
            
            
            
            CNVD: CNVD-2021-11309 // 
            
            
            
            JVNDB: JVNDB-2020-009106

EXTERNAL IDS
db:NVDid:CVE-2020-25161
Trust: 3.9
db:ICS CERTid:ICSA-20-289-01
Trust: 3.1
db:JVNid:JVNVU97695305
Trust: 0.8
db:JVNDBid:JVNDB-2020-009106
Trust: 0.8
db:ZDI_CANid:ZDI-CAN-11262
Trust: 0.7
db:ZDIid:ZDI-20-1261
Trust: 0.7
db:CNNVDid:CNNVD-202010-700
Trust: 0.7
db:CNVDid:CNVD-2021-11309
Trust: 0.6
db:AUSCERTid:ESB-2020.3584
Trust: 0.6
db:SEEBUGid:SSVID-98405
Trust: 0.1
db:VULHUBid:VHN-179112
Trust: 0.1
db:VULMONid:CVE-2020-25161
Trust: 0.1
sources:
            
            
            ZDI: ZDI-20-1261 // 
            
            
            
            CNVD: CNVD-2021-11309 // 
            
            
            
            VULHUB: VHN-179112 // 
            
            
            
            VULMON: CVE-2020-25161 // 
            
            
            
            JVNDB: JVNDB-2020-009106 // 
            
            
            
            CNNVD: CNNVD-202010-700 // 
            
            
            
            NVD: CVE-2020-25161

REFERENCES
url:https://us-cert.cisa.gov/ics/advisories/icsa-20-289-01
Trust: 3.8
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-25161
Trust: 0.8
url:https://jvn.jp/vu/jvnvu97695305
Trust: 0.8
url:https://nvd.nist.gov/vuln/detail/cve-2020-25161
Trust: 0.6
url:https://www.auscert.org.au/bulletins/esb-2020.3584/
Trust: 0.6
url:https://exchange.xforce.ibmcloud.com/vulnerabilities/189888
Trust: 0.1
sources:
            
            
            ZDI: ZDI-20-1261 // 
            
            
            
            CNVD: CNVD-2021-11309 // 
            
            
            
            VULHUB: VHN-179112 // 
            
            
            
            VULMON: CVE-2020-25161 // 
            
            
            
            JVNDB: JVNDB-2020-009106 // 
            
            
            
            CNNVD: CNNVD-202010-700 // 
            
            
            
            NVD: CVE-2020-25161

CREDITS
Sivathmican Sivakumaran
Trust: 0.7
sources:
            
            
            ZDI: ZDI-20-1261

SOURCES
db:ZDIid:ZDI-20-1261
db:CNVDid:CNVD-2021-11309
db:VULHUBid:VHN-179112
db:VULMONid:CVE-2020-25161
db:JVNDBid:JVNDB-2020-009106
db:CNNVDid:CNNVD-202010-700
db:NVDid:CVE-2020-25161

LAST UPDATE DATE
2024-08-14T13:23:51.320000+00:00

SOURCES UPDATE DATE
db:ZDIid:ZDI-20-1261date:2020-10-19T00:00:00
db:CNVDid:CNVD-2021-11309date:2021-02-22T00:00:00
db:VULHUBid:VHN-179112date:2021-02-27T00:00:00
db:VULMONid:CVE-2020-25161date:2021-02-27T00:00:00
db:JVNDBid:JVNDB-2020-009106date:2020-10-19T00:00:00
db:CNNVDid:CNNVD-202010-700date:2021-03-02T00:00:00
db:NVDid:CVE-2020-25161date:2021-02-27T02:26:40.977

SOURCES RELEASE DATE
db:ZDIid:ZDI-20-1261date:2020-10-19T00:00:00
db:CNVDid:CNVD-2021-11309date:2021-02-22T00:00:00
db:VULHUBid:VHN-179112date:2021-02-23T00:00:00
db:VULMONid:CVE-2020-25161date:2021-02-23T00:00:00
db:JVNDBid:JVNDB-2020-009106date:2020-10-19T00:00:00
db:CNNVDid:CNNVD-202010-700date:2020-10-15T00:00:00
db:NVDid:CVE-2020-25161date:2021-02-23T17:15:13.270