Vulnerability research on SCADA HMI system

We present the case study of Advantech WebAccess and through this case study, we defined three phases for vulnerability research. Through the three phases, we analyze past vulnerabilities, several versions of the software and have managed to find new vulnerabilities on the latest version: 8.3.0. The...

Full description

Saved in:
Bibliographic Details
Main Author: Teo, Edmund Jing Wei
Other Authors: Liu Yang
Format: Final Year Project
Language:English
Published: 2018
Subjects:
Online Access:http://hdl.handle.net/10356/74088
Tags: Add Tag
No Tags, Be the first to tag this record!
Institution: Nanyang Technological University
Language: English
id sg-ntu-dr.10356-74088
record_format dspace
spelling sg-ntu-dr.10356-740882023-03-03T20:52:41Z Vulnerability research on SCADA HMI system Teo, Edmund Jing Wei Liu Yang School of Computer Science and Engineering DRNTU::Engineering We present the case study of Advantech WebAccess and through this case study, we defined three phases for vulnerability research. Through the three phases, we analyze past vulnerabilities, several versions of the software and have managed to find new vulnerabilities on the latest version: 8.3.0. The new vulnerabilities are assigned as CVE-2018-7450 and CVE-2018-7451 which are currently given a status as RESERVED. We also mapped out the undocumented jump table of WebAccess network service as well as analyzing patches applied to Advantech WebAccess for its effectiveness. Bachelor of Engineering (Computer Science) 2018-04-24T06:01:26Z 2018-04-24T06:01:26Z 2018 Final Year Project (FYP) http://hdl.handle.net/10356/74088 en Nanyang Technological University 62 p. application/pdf
institution Nanyang Technological University
building NTU Library
continent Asia
country Singapore
Singapore
content_provider NTU Library
collection DR-NTU
language English
topic DRNTU::Engineering
spellingShingle DRNTU::Engineering
Teo, Edmund Jing Wei
Vulnerability research on SCADA HMI system
description We present the case study of Advantech WebAccess and through this case study, we defined three phases for vulnerability research. Through the three phases, we analyze past vulnerabilities, several versions of the software and have managed to find new vulnerabilities on the latest version: 8.3.0. The new vulnerabilities are assigned as CVE-2018-7450 and CVE-2018-7451 which are currently given a status as RESERVED. We also mapped out the undocumented jump table of WebAccess network service as well as analyzing patches applied to Advantech WebAccess for its effectiveness.
author2 Liu Yang
author_facet Liu Yang
Teo, Edmund Jing Wei
format Final Year Project
author Teo, Edmund Jing Wei
author_sort Teo, Edmund Jing Wei
title Vulnerability research on SCADA HMI system
title_short Vulnerability research on SCADA HMI system
title_full Vulnerability research on SCADA HMI system
title_fullStr Vulnerability research on SCADA HMI system
title_full_unstemmed Vulnerability research on SCADA HMI system
title_sort vulnerability research on scada hmi system
publishDate 2018
url http://hdl.handle.net/10356/74088
_version_ 1759853692101591040