Advantech iView versions prior to v5.7.03.6112 are vulnerable to a SQL injection, which may allow an attacker to escalate privileges to 'Administrator'.
References
Link | Resource |
---|---|
https://us-cert.cisa.gov/ics/advisories/icsa-21-040-02 | Third Party Advisory US Government Resource |
https://www.zerodayinitiative.com/advisories/ZDI-21-191/ | Third Party Advisory VDB Entry |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: icscert
Published: 2021-02-11T16:06:25
Updated: 2021-02-11T17:06:06
Reserved: 2021-01-05T00:00:00
Link: CVE-2021-22658
JSON object: View
NVD Information
Status : Analyzed
Published: 2021-02-11T18:15:17.270
Modified: 2021-02-12T15:04:32.003
Link: CVE-2021-22658
JSON object: View
Redhat Information
No data.
CWE