Release date:
Updated on:
Affected Systems:
Advantech WebAccess HMI/SCADA
Description:
--------------------------------------------------------------------------------
Bugtraq id: 57227
WebAccess HMI/SCADA software provides remote control and management, allowing you to easily view and configure automation devices in the facility management system, power station and building automation system.
Advantech WebAccess HMI/SCADA has an unknown cross-site scripting vulnerability. Attackers can exploit this vulnerability to execute arbitrary script code in the browsers of affected sites.
<* Source: Antu Sanadi
*>
Suggestion:
--------------------------------------------------------------------------------
Vendor patch:
Advantech
---------
Currently, the vendor does not provide patches or upgrade programs. We recommend that users who use the software follow the vendor's homepage to obtain the latest version:
Http://webaccess.advantech.com/product.php