cbcvebase.
CVE-2023-32540
published 2023-06-06

CVE-2023-32540: In Advantech WebAccss/SCADA v9.1.3 and prior, there is an arbitrary file overwrite vulnerability, which could allow an attacker to overwrite any file in the…

PriorityP357critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EPSS
0.90%
55.1th percentile
In Advantech WebAccss/SCADA v9.1.3 and prior, there is an arbitrary file overwrite vulnerability, which could allow an attacker to overwrite any file in the operating system (including system files), inject code into an XLS file, and modify the file extension, which could lead to arbitrary code execution.

Affected

1 ranges
VendorProductVersion rangeFixed in
advantechwebaccess_scada<= 9.1.3
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.