CVE-2025-14849

HIGH

Advantech Webaccess/scada - Unrestricted File Upload

Title source: rule

Description

Advantech WebAccess/SCADA  is vulnerable to unrestricted file upload, which may allow an attacker to remotely execute arbitrary code.

References (3)

Scores

CVSS v3 8.8
EPSS 0.0007
EPSS Percentile 22.2%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Classification

CWE
CWE-434
Status published

Affected Products (1)

advantech/webaccess\/scada

Timeline

Published Dec 18, 2025
Tracked Since Feb 18, 2026