Release date:
Updated on:
Affected Systems:
Advantech BroadWin WebAccess
Description:
--------------------------------------------------------------------------------
Bugtraq id: 51941
BroadWin SCADA WebAccess is a Web browser-based HMI and SCADA software for industrial control systems and automation.
BroadWin SCADA WebAccess has a remote code execution vulnerability. After successful exploitation, attackers can execute arbitrary code on the affected server.
<* Source: amisto0x07
Link: http://www.us-cert.gov/control_systems/pdf/ICS-ALERT-12-039-01.pdf
*>
Suggestion:
--------------------------------------------------------------------------------
Vendor patch:
Advantech
---------
Currently, the vendor does not provide patches or upgrade programs. We recommend that users who use the software follow the vendor's homepage to obtain the latest version:
Http://webaccess.advantech.com/product.php