PT-2020-14050 · Advantech · Iview

Rgod

Published

2020-07-15

Updated

2020-07-21

CVE-2020-14507

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Advantech iView versions 5.6 and prior

Description The issue allows an attacker to create or download arbitrary files, limit system availability, and remotely execute code due to multiple path traversal vulnerabilities.

Recommendations For Advantech iView versions 5.6 and prior, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

Path traversal

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-22

Related Identifiers

CVE-2020-14507

ZDI-20-829

ZDI-20-840

ZDI-20-841

ZDI-20-847

Affected Products

Iview

PT-2020-14050 · Advantech · Iview

CVE-2020-14507

Weakness Enumeration

Related Identifiers

Affected Products

References · 8