CNNVD-202512-3364 Information
CNNVD ID
CNNVD-202512-3364
Related CVE
- CNNVD Published: 2025-12-18
Description (Chinese)
Advantech WebAccess/SCADA是中国研华(Advantech)公司的一套基于浏览器架构的SCADA软件。该软件支持动态图形显示和实时数据控制,并提供远程控制和管理自动化设备的功能。 Advantech WebAccess/SCADA存在路径遍历漏洞,该漏洞源于目录遍历,可能导致删除任意文件。
Description (English)
Advantech WebAccess/SCADA is a SCADA software package based on the browser architecture of Advantech, China. The software supports dynamic graphic display and real-time data control, as well as the functions of remote control and management of automation equipment. Advantech WebAccess/SCADA has a loophole in its path, which originates in the directory and may lead to the deletion of any document.
Hazard Level
Medium
Vulnerability Type
路径遍历
Affected Vendor
研华
Published
2025-12-18
Last Modified
2026-02-24
References
https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2025/icsa-25-352-06.json https://www.advantech.com/en-us/support/details/installation?id=1-MS9MJV https://www.cisa.gov/news-events/ics-advisories/icsa-25-352-06
Patch
https://www.advantech.com/en-us/industrial-automation/webaccess/webaccessscada
Share on: