Advantech Alert
1722Warning Date
Severity Level
Warning Number
Target Sector
20 June, 2021
● High
2021-3078
Energy - Water and Utilities - Manufacturing
Description:
Advantech has released a security alert to address several vulnerabilities in the following products:
- WebAccess/SCADA Versions 9.0.1 and prior
Threats:
Attacker could exploit this vulnerability by doing the following:
- Execute arbitrary code
- Directory Traversal
Best practice and Recommendations:
The CERT team encourages users to review the following best practices:
- Minimizing network exposure for all control system devices and/or systems
- Locating control system networks and devices behind firewalls and isolating them from the enterprise/business network
- When remote access is required, use secure methods such as virtual private networks (VPNs)