Vulnerability Description
Advantech iView, versions 5.6 and prior, has an improper access control vulnerability. Successful exploitation of this vulnerability may allow an attacker to obtain all user accounts credentials.
CVSS Score
7.5
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Advantech | Iview | <= 5.6 |
Related Weaknesses (CWE)
References
- https://us-cert.cisa.gov/ics/advisories/icsa-20-196-01Third Party AdvisoryUS Government Resource
- https://www.zerodayinitiative.com/advisories/ZDI-20-867/Third Party AdvisoryVDB Entry
- https://us-cert.cisa.gov/ics/advisories/icsa-20-196-01Third Party AdvisoryUS Government Resource
- https://www.zerodayinitiative.com/advisories/ZDI-20-867/Third Party AdvisoryVDB Entry
FAQ
What is CVE-2020-14499?
CVE-2020-14499 is a vulnerability with a CVSS score of 7.5 (HIGH). Advantech iView, versions 5.6 and prior, has an improper access control vulnerability. Successful exploitation of this vulnerability may allow an attacker to obtain all user accounts credentials.
How severe is CVE-2020-14499?
CVE-2020-14499 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2020-14499?
Check the references section above for vendor advisories and patch information. Affected products include: Advantech Iview.