CVE-2020-13553 : Security Advisory and Response

Learn about CVE-2020-13553, a local privilege escalation vulnerability in Advantech WebAccess/SCADA 9.0.1, allowing attackers to execute code with NT SYSTEM privilege. Find mitigation steps and long-term security practices.

An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation, allowing attackers to execute code with NT SYSTEM privilege.

Understanding CVE-2020-13553

This CVE involves a local privilege escalation vulnerability in Advantech WebAccess/SCADA 9.0.1.

What is CVE-2020-13553?

CVE-2020-13553 is a vulnerability in the file system permissions of the Advantech WebAccess/SCADA 9.0.1 installation that enables a local attacker to elevate their privileges.

The Impact of CVE-2020-13553

The vulnerability has a CVSS base score of 8.8, indicating a high severity level with significant impacts on confidentiality, integrity, and availability.

Technical Details of CVE-2020-13553

This section provides more technical insights into the vulnerability.

Vulnerability Description

The vulnerability allows attackers to exploit file system permissions in Advantech WebAccess/SCADA 9.0.1, enabling privilege escalation through the webvrpcs Run Key.

Affected Systems and Versions

        Product: Advantech
        Version: Advantech WebAccess/SCADA 9.0.1

Exploitation Mechanism

Attackers can replace binaries or loaded modules in the installation folder of WebAccess to execute code with NT SYSTEM privilege.

Mitigation and Prevention

Protecting systems from CVE-2020-13553 requires immediate actions and long-term security practices.

Immediate Steps to Take

        Apply vendor-supplied patches or updates promptly.
        Restrict access to vulnerable systems.
        Monitor for any unauthorized system changes.

Long-Term Security Practices

        Regularly update and patch software to address known vulnerabilities.
        Implement the principle of least privilege to limit access rights for users.
        Conduct security training to educate users on best practices.

Patching and Updates

Regularly check for security updates and patches from Advantech to mitigate the vulnerability effectively.
