PatchSiren

Advantech CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

MEDIUM Advantech CVE published 2025-12-18

CVE-2025-67653

Advantech WebAccess/SCADA contains a directory traversal vulnerability that could allow an authenticated attacker to determine the existence of arbitrary files on the system. The vulnerability, published December 18, 2025, carries a CVSS 3.1 score of 4.3 (Medium severity). The attack vector is network-based with low attack complexity, requiring low privileges but no user interaction. Successful exploitati [truncated]

MEDIUM Advantech CVE published 2025-12-18

CVE-2025-46268

A SQL injection vulnerability in Advantech WebAccess/SCADA could allow authenticated attackers to execute arbitrary SQL commands. CISA published advisory ICSA-25-352-06 on 2025-12-18 with a vendor fix available.

HIGH Advantech CVE published 2025-12-18

CVE-2025-14850

A directory traversal vulnerability in Advantech WebAccess/SCADA allows authenticated attackers to delete arbitrary files on affected systems. The vulnerability carries a HIGH severity CVSS 3.1 score of 8.1, reflecting significant integrity and availability impact with low attack complexity. CISA published this advisory on December 18, 2025, as ICSA-25-352-06. The issue is not currently listed in CISA's K [truncated]

HIGH Advantech CVE published 2025-12-18

CVE-2025-14849

Advantech WebAccess/SCADA contains an unrestricted file upload vulnerability that may allow an attacker to remotely execute arbitrary code. The vulnerability was disclosed by CISA on December 18, 2025, with a CVSS 3.1 score of 8.8 (HIGH). The attack vector is network-based with low attack complexity, requiring low privileges but no user interaction. Successful exploitation could result in high impacts to [truncated]

MEDIUM Advantech CVE published 2025-12-18

CVE-2025-14848

A directory traversal vulnerability in Advantech WebAccess/SCADA allows authenticated attackers to determine the existence of arbitrary files on affected systems. The vulnerability, published December 18, 2025, carries a CVSS 3.1 score of 4.3 (MEDIUM). The issue stems from improper path validation that permits absolute directory traversal, enabling file existence enumeration rather than full content discl [truncated]

HIGH Advantech CVE published 2025-12-04

CVE-2025-13373

Advantech iView versions 5.7.05.7057 and prior contain an SQL injection vulnerability in their handling of SNMP v1 trap requests on port 162. The application fails to properly sanitize input received through this network management protocol, allowing an attacker to inject malicious SQL commands. This vulnerability is network-accessible without authentication, presenting a significant exposure for affected [truncated]

MEDIUM Advantech CVE published 2025-07-10

CVE-2025-53509

CVE-2025-53509 is an authenticated argument-injection vulnerability in Advantech iView. CISA’s CSAF advisory says the flaw is in NetworkServlet.restoreDatabase(), where an input parameter is passed directly into a command without proper sanitization. An attacker with at least user-level privileges can inject arbitrary arguments, which can lead to information disclosure, including sensitive database creden [truncated]

HIGH Advantech CVE published 2025-07-10

CVE-2025-53475

CVE-2025-53475 is a high-severity Advantech iView vulnerability published on 2025-07-10. CISA states that an authenticated attacker with at least user-level privileges could abuse insufficient input sanitization in NetworkServlet.getNextTrapPage() to trigger SQL injection and potentially execute code as nt authority\local service. The affected product scope in the advisory is Advantech iView versions earl [truncated]

MEDIUM Advantech CVE published 2025-07-10

CVE-2025-52459

CVE-2025-52459 is a medium-severity issue in Advantech iView where an authenticated, user-level attacker can inject arguments into a backup-related command path. The advisory says this can expose sensitive information, including database credentials. Advantech recommends upgrading to v5.7.05 build 7057.

HIGH Advantech CVE published 2025-07-10

CVE-2025-48891

CVE-2025-48891 affects Advantech iView versions earlier than 5.7.05 build 7057. According to the CISA CSAF advisory, an authenticated attacker with at least user-level privileges could exploit SQL injection in CUtils.checkSQLInjection(), potentially causing information disclosure or denial of service. Advantech recommends updating to v5.7.05 build 7057.

MEDIUM Advantech CVE published 2025-07-10

CVE-2025-46704

CVE-2025-46704 is a medium-severity issue in Advantech iView, published by CISA on 2025-07-10 as ICSA-25-191-08. The vulnerability is in NetworkServlet.processImportRequest() and requires an authenticated attacker with at least user-level privileges. According to the advisory, a parameter is not properly sanitized or normalized, which could allow directory traversal behavior and let an attacker determine [truncated]

MEDIUM Advantech CVE published 2025-07-10

CVE-2025-41442

CVE-2025-41442 is a reflected cross-site scripting (XSS) issue in Advantech iView versions prior to 5.7.05 build 7057. According to CISA’s advisory, manipulated input parameters can lead to unauthorized script execution in a user’s browser, with potential information disclosure or other malicious browser-side activity. The published CVSS v3.1 score is 5.4 (Medium), with user interaction required.

MEDIUM Advantech CVE published 2024-09-26

CVE-2024-39364

Advantech ADAM-5630 devices contain built-in commands that execute without authentication, allowing unprivileged network attackers to restart the operating system, reboot hardware, or stop execution via simple HTTP requests. The vulnerability stems from missing authentication and authorization checks on administrative command endpoints, with no origin validation or privilege discrimination. CISA published [truncated]

HIGH Advantech CVE published 2024-09-26

CVE-2024-39275

CVE-2024-39275 is a HIGH severity session management vulnerability in Advantech ADAM-5630 industrial communication devices. The issue involves improper invalidation of authentication cookies: when a user session is terminated (logout), the associated cookies remain valid and active on the server side. An attacker who obtains a legitimate cookie—through network sniffing, browser compromise, or other means— [truncated]

HIGH Advantech CVE published 2024-09-26

CVE-2024-38308

CVE-2024-38308 is a high-severity stored cross-site scripting (XSS) vulnerability in the Advantech ADAM-5550 programmable automation controller. The device's web application includes a logs page that displays all received HTTP requests to authenticated users without properly neutralizing malicious code during output generation. An attacker can inject malicious payloads into HTTP requests that, when logged [truncated]

MEDIUM Advantech CVE published 2024-09-26

CVE-2024-37187

CVE-2024-37187 describes a weakness in the Advantech ADAM-5550 programmable logic controller where user credentials are transmitted using only Base64 encoding, which is not encryption and can be trivially reversed by anyone who intercepts the traffic. This exposes credentials to network eavesdropping attacks in adjacent network scenarios. The vulnerability was published by CISA on September 26, 2024, with [truncated]

MEDIUM Advantech CVE published 2024-09-26

CVE-2024-34542

CVE-2024-34542 is a medium-severity vulnerability affecting Advantech ADAM-5630 industrial communication devices. The issue involves transmission of user credentials in plaintext between the device and the user's source device during the login process, exposing authentication data to network eavesdropping. CISA published this advisory on September 26, 2024 as ICSA-24-270-02. The vulnerability carries a CV [truncated]

HIGH Advantech CVE published 2024-09-26

CVE-2024-28948

Advantech ADAM-5630 devices running firmware versions prior to 2.5.2 contain a cross-site request forgery (CSRF) vulnerability. The flaw allows an attacker to induce authenticated users to perform unintended actions by circumventing same-origin policy protections. Successful exploitation could result in unauthorized configuration changes or operational disruption of affected industrial control system devi [truncated]

CRITICAL Advantech CVE published 2017-01-12

CVE-2017-5154

CVE-2017-5154 is a critical SQL injection vulnerability affecting Advantech WebAccess 8.1. According to the NVD record, an attacker who can supply malformed input to the application may be able to achieve administrative access to the application and its data files. Because the flaw is network-exploitable, requires no privileges or user interaction, and is rated CVSS 9.8, it should be treated as an urgent [truncated]

CRITICAL Advantech CVE published 2017-01-12

CVE-2017-5152

CVE-2017-5152 is a critical authentication bypass affecting Advantech WebAccess 8.1. According to the NVD record, a malicious user can access pages without authentication by requesting a specific URL on the web server. Because the issue is network-exploitable and requires no user interaction or privileges, exposed WebAccess deployments should be treated as high priority for review and mitigation.

HIGH Advantech CVE published 2016-09-04

CVE-2016-9353

CVE-2016-9353 affects Advantech SUISAccess Server version 3.0 and earlier. NVD describes the issue as an admin password stored in the system and encrypted with a static key hard-coded into the program, which could let an attacker recover the admin account password for reuse. Because the vulnerability exposes administrative credentials rather than a direct code-execution path, the main security impact is u [truncated]

HIGH Advantech CVE published 2016-09-04

CVE-2016-9351

CVE-2016-9351 is a high-severity weakness in Advantech SUISAccess Server version 3.0 and earlier. The issue is described as a directory traversal/file upload error that allows an attacker to upload and unpack a ZIP file. NVD maps the flaw to CWE-22 (Path Traversal) and gives it a CVSS 3.0 vector of AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H, indicating serious potential impact if an attacker can reach the vulner [truncated]

HIGH Advantech CVE published 2016-09-04

CVE-2016-9349

CVE-2016-9349 is a high-severity information disclosure issue in Advantech SUISAccess Server version 3.0 and earlier. According to the NVD record, an attacker can traverse the file system and extract files, with the impact limited to confidentiality loss. The CVE was published on 2017-02-13 and was last modified on 2026-05-13.