Vulnerability Details CVE-2021-22652
Access to the Advantech iView versions prior to v5.7.03.6112 configuration are missing authentication, which may allow an unauthorized attacker to change the configuration and obtain code execution.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.409
EPSS Ranking 97.2%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
References
- http://packetstormsecurity.com/files/161937/Advantech-iView-Unauthenticated-Remote-Code-Execution.html
- https://us-cert.cisa.gov/ics/advisories/icsa-21-040-02
- http://packetstormsecurity.com/files/161937/Advantech-iView-Unauthenticated-Remote-Code-Execution.html
- https://us-cert.cisa.gov/ics/advisories/icsa-21-040-02