CVE-2020-14501
N/A
N/A
Summary
Advantech iView, versions 5.6 and prior, has an improper authentication for critical function (CWE-306) issue. Successful exploitation of this vulnerability may allow an attacker to obtain the information of the user table, including the administrator credentials in plain text. An attacker may also delete the administrator account.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | Advantech iView | Versions 5.6 and prior | affected |
Weaknesses
- CWE-306: MISSING AUTHENTICATION FOR CRITICAL FUNCTION CWE-306
ADP Enrichment
CVE Program Container
Additional References
- https://us-cert.cisa.gov/ics/advisories/icsa-20-196-01
- https://www.zerodayinitiative.com/advisories/ZDI-20-859/
References
- https://us-cert.cisa.gov/ics/advisories/icsa-20-196-01
- https://www.zerodayinitiative.com/advisories/ZDI-20-859/
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.