Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Advantech addressed code execution and DoS flaws in WebAccess software

Industrial automation firm Advantech addressed several serious vulnerabilities in its WebAccess SCADA software. WebAccess is a browser-based software package for human-machine interfaces (HMI) and SCADA systems developed by Advantech. The vulnerabilities affect WebAccess/SCADA Versions 8.3.5 and prior. The software is widely adopted in many sectors worldwide, such as critical manufacturing, energy, and water and wastewater. […]

Advantech webaccess 1

Industrial automation firm Advantech addressed several serious vulnerabilities in its WebAccess SCADA software.

WebAccess is a browser-based software package for human-machine interfaces (HMI) and SCADA systems developed by Advantech.

The vulnerabilities affect WebAccess/SCADA Versions 8.3.5 and prior.

The software is widely adopted in many sectors worldwide, such as critical manufacturing, energy, and water and wastewater.

The vulnerabilities were reported to NCCIC by researchers Mat Powell and Natnael Samson (@NattiSamson) through Trend Micro’s Zero Day Initiative (ZDI).

The WebAccess is affected by three types of vulnerabilities, including two critical remote code execution flaws and one “high severity” denial-of-service (DoS) issue.

Advantech webaccess 1

Below the flaws reported by the US ICS-CERT:

The vulnerabilities were reported to the vendor in January that addressed them with the release of version 8.4.0 of WebAccess.

[adrotate banner=”9″] [adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – Advantech, WebAccess)

[adrotate banner=”5″]

[adrotate banner=”13″]