Brief

Summary:

The View CSAF document provides information on a vulnerability in Advantech WebAccess Version 9.1.3, which exposes user credentials to an unauthorized actor. The vulnerability, designated as CVE-2023-4215, has a CVSS v3 base score of 6.5. The affected product, Advantech WebAccess Version 9.1.3, is a web-based interface for configuring and monitoring industrial control systems. Successful exploitation of this vulnerability could lead to the leak of user credentials.

The document provides technical details on the vulnerability, including its background, affected products, and mitigations. The vendor, Advantech, recommends updating to Version 9.1.4, while the US Cybersecurity and Infrastructure Security Agency (CISA) recommends minimizing network exposure, locating control systems behind firewalls, and implementing defensive measures such as using Virtual Private Networks (VPNs).

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 6.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Advantech Equipment: WebAccess Vulnerability: Exposure of Sensitive Information to an Unauthorized Actor 2. RISK EVALUATION Successful exploitation of this vulnerability could leak user credentials. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of Advantech WebAccess, are affected: Advantech WebAccess: Version

This content is restricted.

Highlights content goes here...

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 6.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Advantech Equipment: WebAccess Vulnerability: Exposure of Sensitive Information to an Unauthorized Actor 2. RISK EVALUATION Successful exploitation of this vulnerability could leak user credentials. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of Advantech WebAccess, are affected: Advantech WebAccess: Version

This content is restricted.

Cybersecurity and Infrastructure Security Agency

Quick Insight
RADA.AI
RADA.AI
Hello! I'm RADA.AI - Regulatory Analysis and Decision Assistance. Your Intelligent guide for compliance and decision-making. How can i assist you today?
Suggested

Form successfully submitted. One of our GRI rep will contact you shortly

Thanking You!

Enter your Email

Enter your registered username/email id.

Enter your Email

Enter your email id below to signup.
Individual Plan
$125 / month OR $1250 / year
Features
Best for: Researchers, Legal professionals, Academics
Enterprise Plan
Contact for Pricing
Features
Best for: Law Firms, Corporations, Government Bodies