CVE-2020-14499
HIGHAdvantech iView < 5.6 - Unauthenticated User Credential Exposure via Improper Access Control
Title source: llmDescription
Advantech iView, versions 5.6 and prior, has an improper access control vulnerability. Successful exploitation of this vulnerability may allow an attacker to obtain all user accounts credentials.
References (2)
Core 2
Core References
Third Party Advisory, US Government Resource x_refsource_misc
https://us-cert.cisa.gov/ics/advisories/icsa-20-196-01
Third Party Advisory, VDB Entry x_refsource_misc
https://www.zerodayinitiative.com/advisories/ZDI-20-867/
Scores
CVSS v3
7.5
EPSS
0.0042
EPSS Percentile
62.0%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Details
CWE
CWE-284
Status
published
Products (1)
advantech/iview
< 5.6
Published
Jul 15, 2020
Tracked Since
Feb 18, 2026