Advantech.WebAccess.SCADA.bwocxrun.OCX.Command.Execution
Description
This indicates an attack attempt against a Command Execution vulnerability in the Advantech WebAccess SCADA.
The vulnerability, which is located in the "bwocxrun.ocx" ActiveX control, can be exploited through a vulnerable function. An attacker can exploit this by tricking an unsuspecting user into visiting a malicious webpage and execute Operating System Commands within the context of the logged in users.
Affected Products
Advantech WebAccess prior to 7.2
Impact
System Compromise: Remote attackers can execute Operating System Commands within the context of the target users
Recommended Actions
Apply the latest update from the vendor.
http://webaccess.advantech.com/downloads.php?item=software
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |