CNNVD-202512-3363 Information
CNNVD ID
CNNVD-202512-3363
Related CVE
- CNNVD Published: 2025-12-18
Description (Chinese)
Advantech WebAccess/SCADA是中国研华(Advantech)公司的一套基于浏览器架构的SCADA软件。该软件支持动态图形显示和实时数据控制,并提供远程控制和管理自动化设备的功能。 Advantech WebAccess/SCADA存在SQL注入漏洞,该漏洞源于容易受到SQL注入攻击。
Description (English)
Advantech WebAccess/SCADA is a SCADA software package based on the browser architecture of Advantech, China. The software supports dynamic graphic display and real-time data control, as well as the functions of remote control and management of automation equipment. Advantech WebAccess/SCADA has a leak in SQL, which stems from its vulnerability to SQL injection.
Hazard Level
High
Vulnerability Type
SQL注入
Affected Vendor
研华
Published
2025-12-18
Last Modified
2026-02-24
References
https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2025/icsa-25-352-06.json https://www.advantech.com/en-us/support/details/installation?id=1-MS9MJV https://www.cisa.gov/news-events/ics-advisories/icsa-25-352-06
Patch
https://www.advantech.com/en-us/industrial-automation/webaccess/webaccessscada
Share on: