PatchSiren cyber security CVE debrief
CVE-2025-67653 Advantech CVE debrief
Advantech WebAccess/SCADA contains a directory traversal vulnerability that could allow an authenticated attacker to determine whether arbitrary files exist on the host. The vulnerability, published December 18, 2025, carries a CVSS 3.1 base score of 4.3 (Medium severity). The attack vector is network-based with low attack complexity, requiring low privileges but no user interaction. Successful exploitation yields information disclosure (low confidentiality impact) with no impact on integrity or availability. Advantech has released version 9.2.2 to address this vulnerability. Organizations should prioritize updating affected installations, particularly those whose web interface is reachable from outside the control network.
- Vendor: Advantech
- Product: WebAccess/SCADA
- CVSS: 4.3 (Medium)
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2025-12-18
- Original CVE updated: 2025-12-18
- Advisory published: 2025-12-18
- Advisory updated: 2025-12-18
Who should care
Organizations operating Advantech WebAccess/SCADA in industrial environments, particularly those with externally accessible management interfaces. Critical infrastructure operators, manufacturing facilities, and utilities using this SCADA platform should prioritize patching. Although only file existence is disclosed, that is enough for a low-privileged account to map the host (which components are installed, where configuration and credential files sit, which user profiles exist), which is useful reconnaissance for later, more targeted attacks.
Technical summary
CVE-2025-67653 is a directory traversal vulnerability in Advantech WebAccess/SCADA: a user-supplied file path is not properly validated and confined to the intended directory before the application checks for the file, so an authenticated remote attacker can learn whether arbitrary files exist on the system. The vulnerability is rated CVSS 3.1 4.3 (Medium) with network attack vector, low attack complexity, and low privilege requirements. No user interaction is required, and scope is unchanged. The confidentiality impact is low (existence disclosure only, not file contents), with no impact on integrity or availability. Advantech has remediated this issue in WebAccess/SCADA version 9.2.2.
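The flaw class in generic form, as an added example that is not Advantech's code and does not reflect WebAccess/SCADA's actual endpoint or file layout: a file-existence check that joins a caller-supplied path under a base directory (the vulnerable pattern, which becomes an existence oracle for the whole filesystem) next to one that canonicalizes the path and confines it to the base first. The web root, the secret.ini file and the probe strings are a constructed fixture built in a temporary directory.

```python
import os
import tempfile
from pathlib import Path


def exists_vulnerable(base_dir: str, user_path: str) -> bool:
    """Insecure pattern: join the caller-supplied path under base_dir and
    report whether the result exists. '..' segments (and absolute paths,
    which os.path.join silently accepts) escape base_dir, so the caller
    gets a yes/no answer for any file on the host."""
    candidate = os.path.join(base_dir, user_path)
    return os.path.exists(candidate)


def exists_hardened(base_dir: str, user_path: str) -> bool:
    """Canonicalize first, then confine: resolve the candidate (following
    symlinks) and refuse anything that does not sit under the resolved
    base. Out-of-scope requests get the same answer as a missing file, so
    the response itself does not become an existence oracle."""
    base = Path(base_dir).resolve()
    try:
        target = (base / user_path).resolve()
    except (OSError, RuntimeError):  # symlink loops, unusable names
        return False
    if target != base and base not in target.parents:
        return False
    return target.exists()


def demo() -> dict:
    """Constructed fixture (not a real product layout): a web root with one
    page, and a file one level above it that the application should
    neither confirm nor deny. Returns {probe: (vulnerable, hardened)}."""
    root = Path(tempfile.mkdtemp())
    webroot = root / "webroot"
    webroot.mkdir()
    (webroot / "index.html").write_text("<html>ok</html>")
    (root / "secret.ini").write_text("password=example")  # outside webroot
    probes = ["index.html", "../secret.ini", "missing.txt", "../missing.ini"]
    return {p: (exists_vulnerable(str(webroot), p),
                exists_hardened(str(webroot), p)) for p in probes}


if __name__ == "__main__":
    for probe, (vuln, hard) in demo().items():
        print(f"{probe:16} vulnerable={vuln!s:5} hardened={hard}")
```

The vulnerable version answers "../secret.ini" truthfully (the file exists) and "../missing.ini" truthfully (it does not), which is exactly the oracle the CVE describes; the hardened version returns False for both, so an attacker cannot distinguish "outside the web root" from "absent".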
Defensive priority
medium
Recommended defensive actions
- Update Advantech WebAccess/SCADA to version 9.2.2 or later per vendor guidance
- Restrict network access to WebAccess/SCADA management interfaces to authorized administrative hosts only
- Monitor web server and application logs for traversal sequences (../, ..\ and their URL-encoded or double-encoded forms) in request paths and parameters, and for a single account probing many distinct paths with a mix of found and not-found responses
- Apply defense-in-depth controls for industrial control systems per CISA recommended practices
- Review any custom scripts or integrations that pass user-supplied file paths to WebAccess/SCADA and confirm they canonicalize each path and reject anything that resolves outside the intended directory
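To make the log monitoring action concrete, here is an added example (not from the original page, the vendor or the advisory) that scans combined-format access log lines for traversal sequences, including URL-encoded, double-encoded and backslash variants, and counts hits per client and account so one operator account sweeping many paths stands out. The log lines, the /app/view endpoint and the file parameter are constructed placeholders, not real WebAccess/SCADA output; adapt LOG_RE to the deployment's actual log format.

```python
import re
from collections import Counter
from urllib.parse import unquote

# Combined-log-style line: client, ident, authenticated user, timestamp,
# request line, status. This is the common Apache/nginx layout; the real
# product log format may differ and the pattern would need adjusting.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ (?P<user>\S+) \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)

# A '..' segment preceded by start-of-string, a slash or a query-string
# delimiter and followed by a slash or end-of-string. 'report..pdf' does
# not match; '../', '?file=../x' and a bare trailing '..' do.
TRAVERSAL_RE = re.compile(r'(?:^|[/=&?;])\.\.(?:/|$)')


def normalize_target(raw: str, max_rounds: int = 3) -> str:
    """Percent-decode until the value stops changing (bounded, so
    %252e%252e%252f double encoding is unwrapped), then fold backslashes
    to forward slashes so ..\\ and ..%5c are treated like ../."""
    cur = raw
    for _ in range(max_rounds):
        dec = unquote(cur)
        if dec == cur:
            break
        cur = dec
    return cur.replace("\\", "/")


def is_traversal(raw_target: str) -> bool:
    return TRAVERSAL_RE.search(normalize_target(raw_target)) is not None


def scan(lines):
    """Return one record per request whose path or query carries a
    traversal sequence, plus a per-(client, user) hit count."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        if is_traversal(m["target"]):
            hits.append({"ip": m["ip"], "user": m["user"],
                         "target": m["target"], "status": m["status"],
                         "decoded": normalize_target(m["target"])})
    per_source = Counter((h["ip"], h["user"]) for h in hits)
    return hits, per_source


# Constructed sample, not real Advantech log output; /app/view and the
# 'file' parameter are placeholders.
SAMPLE_LOG = [
    '10.0.0.5 - operator [18/Dec/2025:10:00:01 +0000] "GET /app/index.html HTTP/1.1" 200 1234',
    '10.0.0.5 - operator [18/Dec/2025:10:00:02 +0000] "GET /app/view?file=../../../windows/win.ini HTTP/1.1" 200 0',
    '10.0.0.5 - operator [18/Dec/2025:10:00:03 +0000] "GET /app/view?file=..%2f..%2fnotthere.ini HTTP/1.1" 404 0',
    '10.0.0.5 - operator [18/Dec/2025:10:00:04 +0000] "GET /app/view?file=%252e%252e%252fconfig%252fapp.ini HTTP/1.1" 200 0',
    '10.0.0.5 - operator [18/Dec/2025:10:00:05 +0000] "GET /app/view?file=..%5c..%5cboot.ini HTTP/1.1" 200 0',
    '10.0.0.9 - - [18/Dec/2025:10:00:06 +0000] "GET /app/view?file=report..pdf HTTP/1.1" 200 0',
]

if __name__ == "__main__":
    hits, per_source = scan(SAMPLE_LOG)
    for h in hits:
        print(f'{h["ip"]} {h["user"]} {h["status"]} {h["decoded"]}')
    print(per_source.most_common())
```

The mix of 200 and 404 answers from the same account on traversal requests is the signature of an existence probe rather than a one-off mistake; decoding before matching matters because a signature that only looks for the literal "../" misses four of the five probes in the sample.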
Evidence notes
Directory traversal vulnerability confirmed in Advantech WebAccess/SCADA. CVSS 3.1 vector: AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N. Vendor fix available in version 9.2.2.
Official resources
- CVE-2025-67653 CVE record (CVE.org)
- CVE-2025-67653 NVD detail (NVD)
- Source item URL (cisa_csaf)
- Source references (seven reference links, each listed as Reference)
2025-12-18