OTPulse

Advantech iView

Act Now | CVSS 9.1 | ICS-CERT ICSA-21-154-01 | Jun 3, 2021
Attack Vector: Network
Auth Required: None
Complexity: Low
User Interaction: None needed
Summary

Advantech iView versions prior to 5.7.03.6182 contain two critical vulnerabilities: missing authentication controls (CWE-306) and SQL/command injection (CWE-89). These flaws allow an attacker to disclose sensitive information and perform remote code execution without valid credentials. The vulnerabilities affect all iView deployments exposed to untrusted networks.

What this means
What could happen
An attacker could read sensitive data from iView and execute arbitrary code on the device, potentially disrupting monitoring and control of industrial processes or gaining access to critical plant information.
Who's at risk
Industrial facilities using Advantech iView for monitoring and visualization of control systems, including water utilities, power plants, and manufacturing operations that rely on iView for operational visibility and reporting.
How it could be exploited
An attacker on the network can send a specially crafted request to iView without authentication due to missing access controls (CWE-306) and inject commands via SQL or similar mechanisms (CWE-89) to extract data or execute code remotely.
Prerequisites
  • Network access to iView over HTTP/HTTPS (typically ports 80/443)
  • No authentication required
remotely exploitable · no authentication required · low complexity · information disclosure · remote code execution potential
Exploitability
Low exploit probability (EPSS 0.4%)
Affected products (1)
Product | Affected Versions | Fix Status
iView | < 5.7.03.6182 | 5.7.03.6182
Remediation & Mitigation
Do now
HARDENING: Isolate iView systems from the business network; place behind a firewall and restrict network access
HARDENING: Ensure iView is not accessible from the Internet; disable or restrict remote access to the monitoring console
WORKAROUND: If remote access is required, enforce access through a VPN with the latest security updates
Schedule — requires maintenance window

Patching may require device reboot — plan for process interruption

HOTFIX: Update iView firmware to version 5.7.03.6182 or later
Advantech iView | CVSS 9.1 - OTPulse