CVE-2020-13555

Name of the Vulnerable Software and Affected Versions Advantech WebAccess/SCADA version 9.0.1

Description A local privilege elevation issue exists in the file system permissions of the installation, allowing an attacker to replace binary or loaded modules and execute code with NT SYSTEM privilege through COM Server Application Privilege Escalation.

Recommendations For Advantech WebAccess/SCADA version 9.0.1, consider restricting access to the file system to prevent replacement of binary or loaded modules until a patch is available. As a temporary workaround, monitor the system for any unauthorized changes to the file system permissions. At the moment, there is no information about a newer version that contains a fix for this vulnerability.