CVE-2020-13552 is a vulnerability in Advantech Webaccessscada
Published on February 17, 2021
An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation. In privilege escalation via multiple service executables in installation folder of WebAccess, an attacker can either replace binary or loaded modules to execute code with NT SYSTEM privilege.
Weakness Type
Incorrect Default Permissions
During installation, installed file permissions are set to allow anyone to modify those files.
Products Associated with CVE-2020-13552
Want to know whenever a new CVE is published for Advantech Webaccessscada? stack.watch will email you.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.