CVE-2020-14501

Name of the Vulnerable Software and Affected Versions Advantech iView versions 5.6 and prior

Description The issue is related to improper authentication for a critical function, allowing an attacker to obtain user table information, including administrator credentials in plain text. An attacker may also delete the administrator account.

Recommendations For Advantech iView versions 5.6 and prior, as a temporary workaround, consider restricting access to critical functions that require authentication until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.