Advantech WebAccess/SCADA Vulnerability - 20230531002

Overview

Successful exploitation of this vulnerability could allow an attacker full control over the supervisory control and data acquisition (SCADA) server.

What is the vulnerability?

If an attacker can trick an authenticated user into loading a maliciously crafted .zip file onto Advantech WebAccess version 8.4.5, a web shell could be used to give the attacker full control of the SCADA server.

• CVE-2023-2866 - CVSS v3 Base Score: 7.3

What is vulnerable?

The vulnerability affects the following products:

• WebAccess/SCADA: version 8.4.5

What has been observed?

There is no evidence of exploitation affecting Western Australian Government networks at the time of publishing

Recommendation

The WA SOC recommends administrators apply the solutions as per vendor instructions to all affected devices: Advantech recommendations

Additional References

• Advantech WebAccess/SCADA ICS Advisory
• Talos Advantech WebAccess/SCADA Vulnerability Report