CVE-2019-13550
First published: Wed Sep 18 2019(Updated: )
In WebAccess, versions 8.4.1 and prior, an improper authorization vulnerability may allow an attacker to disclose sensitive information, cause improper control of generation of code, which may allow remote code execution or cause a system crash.
Credit: ics-cert@hq.dhs.gov
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Advantech WebAccess | <=8.4.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2019-13550?
The severity of CVE-2019-13550 is rated as critical with a severity value of 9.8.
What is the affected software for CVE-2019-13550?
The affected software for CVE-2019-13550 is Advantech WebAccess versions up to and including 8.4.1.
What is the vulnerability description of CVE-2019-13550?
CVE-2019-13550 is an improper authorization vulnerability in Advantech WebAccess versions 8.4.1 and prior that may allow an attacker to disclose sensitive information, cause improper control of code generation, or enable remote code execution.
How can this vulnerability be exploited?
This vulnerability can be exploited by an attacker to disclose sensitive information, control code generation, or execute remote code by exploiting the improper authorization in Advantech WebAccess versions 8.4.1 and prior.
Is there a fix available for CVE-2019-13550?
It is recommended to upgrade to a version of Advantech WebAccess that is newer than 8.4.1 to mitigate the vulnerability.
- collector/nvd-index
- agent/tags
- agent/references
- agent/weakness
- agent/severity
- agent/author
- agent/type
- agent/description
- agent/event
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- vendor/advantech
- canonical/advantech webaccess
- version/advantech webaccess/8.4.1