CVE-2023-1437
Published 2023-08-02
CVE-2023-1437: All versions prior to 9.1.4 of Advantech WebAccess/SCADA are vulnerable to use of untrusted pointers. The RPC arguments the client sent could contain raw…
Priority P264 · critical · 9.8 (CVSS 3.1)
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS: 2.80% (84.7th percentile)
All versions prior to 9.1.4 of Advantech WebAccess/SCADA are vulnerable to use of untrusted pointers. The RPC arguments the client sent could contain raw memory pointers for the server to use as-is. This could allow an attacker to gain access to the remote file system and the ability to execute commands and overwrite files.
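The bug class described above (CWE-822) next to its usual fix, as an added illustration that is not Advantech's code and is not taken from the advisory: the server issues opaque handles and resolves them through its own table instead of dereferencing an address supplied in an RPC argument. The `session` struct, the function names and the handle layout are assumptions made for the example.

```c
#include <stdint.h>
#include <stdio.h>

/* Hypothetical server-side object that an RPC call operates on. */
struct session { uint32_t generation; int in_use; char name[16]; };
#define MAX_SESSIONS 8
static struct session table[MAX_SESSIONS];

/* VULNERABLE pattern (CWE-822): the wire argument is used as an address as-is. */
const char *session_name_unsafe(uint64_t wire_arg) {
    struct session *s = (struct session *)(uintptr_t)wire_arg; /* client chooses it */
    return s->name;
}

/* Hardened: clients only ever receive an opaque handle = generation<<32 | index. */
uint64_t session_open(const char *name) {
    for (uint32_t i = 0; i < MAX_SESSIONS; i++) {
        if (table[i].in_use) continue;
        table[i].in_use = 1;
        table[i].generation++;               /* first issued generation is 1 */
        snprintf(table[i].name, sizeof table[i].name, "%s", name);
        return ((uint64_t)table[i].generation << 32) | i;
    }
    return 0;                                /* table full; 0 never resolves */
}

/* Resolve a handle; NULL for any value this server did not issue. */
struct session *session_lookup(uint64_t handle) {
    uint32_t idx = (uint32_t)handle, gen = (uint32_t)(handle >> 32);
    if (idx >= MAX_SESSIONS) return NULL;    /* out-of-range index */
    if (!table[idx].in_use || table[idx].generation != gen) return NULL;
    return &table[idx];
}

void session_close(uint64_t handle) {
    struct session *s = session_lookup(handle);
    if (s) s->in_use = 0;                    /* slot reuse bumps the generation */
}

const char *session_name_safe(uint64_t wire_arg) {
    struct session *s = session_lookup(wire_arg);
    return s ? s->name : NULL;               /* reject instead of dereferencing */
}

int main(void) {
    uint64_t h = session_open("operator");   /* constructed sample value */
    printf("issued=%s pointer-like=%s\n", session_name_safe(h),
           session_name_safe(0x7ffdeadbeef0ULL) ? "accepted" : "rejected");
    return 0;
}
```
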
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| advantech | webaccess_scada | < 9.1.4 | 9.1.4 |
Detection & IOCs (extracted from sources)
- The vulnerability involves RPC arguments containing raw memory pointers sent from client to server; monitor for anomalous RPC calls to Advantech WebAccess/SCADA services where arguments contain raw pointer values (untrusted pointer dereference pattern).
- Successful exploitation enables remote file system access and remote command execution on the WebAccess/SCADA server; monitor for unexpected file reads/writes and process execution originating from the WebAccess/SCADA service process.
- The vulnerability is exploitable remotely with no authentication and low attack complexity (CVSS AV:N/AC:L/PR:N/UI:N); prioritize detection of unauthenticated RPC traffic targeting WebAccess/SCADA endpoints exposed to the network.
- No known public exploits specifically target this vulnerability at time of advisory publication; detection efforts should focus on behavioral anomalies rather than known exploit signatures.
- All versions of Advantech WebAccess/SCADA prior to 9.1.4 are affected; version identification is necessary to scope detection and patching efforts.
CISA ICS
Advantech WebAccess/SCADA
cisa_ics·2023-06-15·CVSS 9.8
[CRITICAL] Advantech WebAccess/SCADA
ICS Advisory
## Advantech WebAccess/SCADA
Release Date: June 15, 2023
Alert Code: ICSA-23-166-02
## 1. EXECUTIVE SUMMARY
- CVSS v3 9.8
- ATTENTION: Exploitable remotely/low attack complexity
- Vendor: Advantech
- Equipment: WebAccess/SCADA
- Vulnerability: Untrusted Pointer Dereference
## 2. RISK EVALUATION
Successful exploitation of this vulnerability could allow an attacker to gain remote file system access and achieve remote command execution.
## 3. TECHNICAL DETAILS
## 3.1 AFFECTED PRODUCTS
The following versions of Advantech WebAccess/SCADA, a browser-based SCADA software package, are affected:
- WebAccess/SCADA: All versions prior to 9.1.4
## 3.2 VULNERABILITY OVERVIEW
3.2.1 UNTRUSTED POINTER DEREFERENCE CWE-822
All versions prior to 9.1.4 of Adv
GHSA
GHSA-qv79-48vx-52fw: All versions prior to 9
ghsa_unreviewed·2023-08-03
CVE-2023-1437 [CRITICAL] CWE-119 GHSA-qv79-48vx-52fw: All versions prior to 9
All versions prior to 9.1.4 of Advantech WebAccess/SCADA are vulnerable to use of untrusted pointers. The RPC arguments the client sent could contain raw memory pointers for the server to use as-is. This could allow an attacker to gain access to the remote file system and the ability to execute commands and overwrite files.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2023-08-02
Published