CVE-2020-13555

Summary

An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation. In COM Server Application Privilege Escalation, an attacker can either replace binary or loaded modules to execute code with NT SYSTEM privilege.

Affected Software

VendorProductVersion RangeStatus
n/aAdvantechAdvantech WebAccess/SCADA 9.0.1affected

Weaknesses

  • CWE-276: CWE-276: Incorrect Default Permissions

ADP Enrichment

CVE Program Container

Additional References

References