CVE-2015-6467

Vulnerability

The vulnerability resides in a browser plugin component of Advantech WebAccess versions 8.0 and prior [1]. The exact nature of the flaw is not detailed in the available references, but the official description indicates that remote code execution is possible via vectors involving the plugin. The affected versions are all releases before WebAccess 8.1.

Exploitation

An attacker can exploit this vulnerability remotely without authentication [1]. The attack vector involves the browser plugin, suggesting that user interaction is required, such as visiting a malicious webpage or opening a crafted file that triggers the plugin. The advisory does not provide a specific sequence of steps, but the remote exploitability implies network-based delivery.

Impact

Successful exploitation allows an attacker to execute arbitrary code on the target system [1]. This could lead to full compromise of the affected WebAccess installation, including the ability to upload, create, or delete arbitrary files, deny service, or gain complete control over the SCADA/HMI environment.

Mitigation

Advantech has released WebAccess version 8.1 to address this vulnerability [1]. Users should upgrade to version 8.1 or later immediately. No workarounds are documented in the available references. The vulnerability is not listed on the CISA Known Exploited Vulnerabilities (KEV) catalog as of the publication date.