Advantech Updates WebAccess Holes

Friday, January 12, 2018 @ 02:01 PM gHale


Advantech released a new version to mitigate additional vulnerabilities in its WebAccess, according to an updated report with ICS-CERT.

The vulnerabilities include an untrusted pointer dereference, stack-based buffer overflow, path traversal, SQL injection, improper input validation, use after free, and an unrestricted upload of file with dangerous type.

RELATED STORIES
WECON Clears HMI Editor Issues
New Firmware for Moxa’s MXview
Phoenix Contact Clears FL SWITCH Holes
Rockwell Clears MicroLogix Controller Hole

WebAccess versions prior to 8.3 suffer from the remotely exploitable vulnerabilities, discovered by Steven Seeley of Offensive Security, Zhou Yu and Andrea Micalizzi working with Trend Micro’s Zero Day Initiative, and Michael Deplante.

Successful exploitation of these vulnerabilities could cause the device to crash. An attacker may be able to further exploit this condition to remotely execute arbitrary code or bypass authentication.

No known public exploits specifically target these vulnerabilities. However, an attacker with low skill level could leverage the vulnerabilities.

There are multiple vulnerabilities that may allow an attacker to cause the program to use an invalid memory address, resulting in a program crash.

CVE-2017-16728 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 7.5.

In addition, there are multiple instances of a vulnerability that allows too much data to be written to a location on the stack.

CVE-2017-16724 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 8.2.

Also, an attacker has access to files within the directory structure of the target device.

CVE-2017-16720 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 7.3.

In addition, WebAccess does not properly sanitize its inputs for SQL commands.

CVE-2017-16716 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 7.3.

Also, WebAccess allows some inputs that may cause the program to crash.

CVE-2017-16753 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 5.0.

WebAccess allows a remote attacker to upload arbitrary files.

CVE-2017-16736 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 5.3.

In addition, WebAccess allows an unauthenticated attacker to specify an arbitrary address.
CVE-2017-16732 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 6.5.

The product sees use mainly in the critical manufacturing, energy and water and wastewater systems sectors. It also sees action in East Asia, United States and Europe.

Taiwan-based Advantech released WebAccess Version 8.3 to address the reported vulnerabilities. Click here to download the latest version of WebAccess.



Leave a Reply

You must be logged in to post a comment.