Vulnerability research on SCADA HMI system
We present the case study of Advantech WebAccess and through this case study, we defined three phases for vulnerability research. Through the three phases, we analyze past vulnerabilities, several versions of the software and have managed to find new vulnerabilities on the latest version: 8.3.0. The...
| Main Author: | |
|---|---|
| Other Authors: | |
| Format: | Final Year Project (FYP) |
| Language: | English |
| Published: |
2018
|
| Subjects: | |
| Online Access: | http://hdl.handle.net/10356/74088 |
| _version_ | 1811679449580568576 |
|---|---|
| author | Teo, Edmund Jing Wei |
| author2 | Liu Yang |
| author_facet | Liu Yang Teo, Edmund Jing Wei |
| author_sort | Teo, Edmund Jing Wei |
| collection | NTU |
| description | We present the case study of Advantech WebAccess and through this case study, we defined three phases for vulnerability research. Through the three phases, we analyze past vulnerabilities, several versions of the software and have managed to find new vulnerabilities on the latest version: 8.3.0. The new vulnerabilities are assigned as CVE-2018-7450 and CVE-2018-7451 which are currently given a status as RESERVED. We also mapped out the undocumented jump table of WebAccess network service as well as analyzing patches applied to Advantech WebAccess for its effectiveness. |
| first_indexed | 2024-10-01T03:09:20Z |
| format | Final Year Project (FYP) |
| id | ntu-10356/74088 |
| institution | Nanyang Technological University |
| language | English |
| last_indexed | 2024-10-01T03:09:20Z |
| publishDate | 2018 |
| record_format | dspace |
| spelling | ntu-10356/740882023-03-03T20:52:41Z Vulnerability research on SCADA HMI system Teo, Edmund Jing Wei Liu Yang School of Computer Science and Engineering DRNTU::Engineering We present the case study of Advantech WebAccess and through this case study, we defined three phases for vulnerability research. Through the three phases, we analyze past vulnerabilities, several versions of the software and have managed to find new vulnerabilities on the latest version: 8.3.0. The new vulnerabilities are assigned as CVE-2018-7450 and CVE-2018-7451 which are currently given a status as RESERVED. We also mapped out the undocumented jump table of WebAccess network service as well as analyzing patches applied to Advantech WebAccess for its effectiveness. Bachelor of Engineering (Computer Science) 2018-04-24T06:01:26Z 2018-04-24T06:01:26Z 2018 Final Year Project (FYP) http://hdl.handle.net/10356/74088 en Nanyang Technological University 62 p. application/pdf |
| spellingShingle | DRNTU::Engineering Teo, Edmund Jing Wei Vulnerability research on SCADA HMI system |
| title | Vulnerability research on SCADA HMI system |
| title_full | Vulnerability research on SCADA HMI system |
| title_fullStr | Vulnerability research on SCADA HMI system |
| title_full_unstemmed | Vulnerability research on SCADA HMI system |
| title_short | Vulnerability research on SCADA HMI system |
| title_sort | vulnerability research on scada hmi system |
| topic | DRNTU::Engineering |
| url | http://hdl.handle.net/10356/74088 |
| work_keys_str_mv | AT teoedmundjingwei vulnerabilityresearchonscadahmisystem |