Every CVE whose affected-product data names Advantech Iview, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (37)
CVE-2020-14497 — CVSS 9.8 (critical): Advantech iView, versions 5.6 and prior, contains multiple SQL injection vulnerabilities that are vulnerable to the use of an…
CVE-2021-22652 — CVSS 9.8 (critical): Access to the Advantech iView versions prior to v5.7.03.6112 configuration are missing authentication, which may allow an unauthorized…
CVE-2021-22658 — CVSS 9.8 (critical): Advantech iView versions prior to v5.7.03.6112 are vulnerable to a SQL injection, which may allow an attacker to escalate privileges to…
CVE-2021-32930 — CVSS 9.8 (critical): The affected product’s configuration is vulnerable due to missing authentication, which may allow an attacker to change configurations…
CVE-2022-50593 — CVSS 9.8 (critical): Advantech iView versions prior to v5.7.04 build 6425 contain a vulnerability within the SNMP management tool that allows for remote…
CVE-2022-50591 — CVSS 9.8 (critical): Advantech iView versions prior to v5.7.04 build 6425 contain a vulnerability within the SNMP management tool that allows for remote…
CVE-2022-2143 — CVSS 9.8 (critical): The affected product is vulnerable to two instances of command injection, which may allow an attacker to remotely execute arbitrary code.
CVE-2020-14501 — CVSS 9.8 (critical): Advantech iView, versions 5.6 and prior, has an improper authentication for critical function (CWE-306) issue. Successful exploitation of…
CVE-2020-14503 — CVSS 9.8 (critical): Advantech iView, versions 5.6 and prior, has an improper input validation vulnerability. Successful exploitation of this vulnerability…
CVE-2020-14505 — CVSS 9.8 (critical): Advantech iView, versions 5.6 and prior, has an improper neutralization of special elements used in a command (“command injection”)…
CVE-2020-14507 — CVSS 9.8 (critical): Advantech iView, versions 5.6 and prior, is vulnerable to multiple path traversal vulnerabilities that could allow an attacker to…
CVE-2020-16245 — CVSS 9.8 (critical): Advantech iView, Versions 5.7 and prior. The affected product is vulnerable to path traversal vulnerabilities that could allow an attacker…
CVE-2025-53515 — CVSS 8.8 (high): A vulnerability exists in Advantech iView that allows for SQL injection and remote code execution through NetworkServlet.archiveTrap()…
CVE-2023-3983 — CVSS 8.8 (high): An authenticated SQL injection vulnerability exists in Advantech iView versions prior to v5.7.4 build 6752. An authenticated remote…
CVE-2025-53475 — CVSS 8.8 (high): A vulnerability exists in Advantech iView that could allow for SQL injection and remote code execution through NetworkServlet.getNextTrapPag…
CVE-2025-52577 — CVSS 8.8 (high): A vulnerability exists in Advantech iView that could allow SQL injection and remote code execution through NetworkServlet.archiveTrapRange()…
CVE-2022-2136 — CVSS 8.8 (high): The affected product is vulnerable to multiple SQL injections that require low privileges for exploitation and may allow an unauthorized…
CVE-2022-2138 — CVSS 8.2 (high): The affected product is vulnerable due to missing authentication, which may allow an attacker to read or modify sensitive data and execute…
CVE-2022-2142 — CVSS 8.1 (high): The affected product is vulnerable to a SQL injection with high attack complexity, which may allow an unauthorized attacker to disclose…
CVE-2025-48891 — CVSS 7.6 (high): A vulnerability exists in Advantech iView that could allow for SQL injection through the CUtils.checkSQLInjection() function. This…
CVE-2020-14499 — CVSS 7.5 (high): Advantech iView, versions 5.6 and prior, has an improper access control vulnerability. Successful exploitation of this vulnerability may…
CVE-2021-22656 — CVSS 7.5 (high): Advantech iView versions prior to v5.7.03.6112 are vulnerable to directory traversal, which may allow an attacker to read sensitive files.
CVE-2021-22654 — CVSS 7.5 (high): Advantech iView versions prior to v5.7.03.6112 are vulnerable to a SQL injection, which may allow an unauthorized attacker to disclose…
CVE-2022-2135 — CVSS 7.5 (high): The affected product is vulnerable to multiple SQL injections, which may allow an unauthorized attacker to disclose information.
CVE-2022-50594 — CVSS 7.5 (high): Advantech iView versions prior to v5.7.04 build 6425 contain a vulnerability within the SNMP management tool that allows for remote…
CVE-2021-32932 — CVSS 7.5 (high): The affected product is vulnerable to a SQL injection, which may allow an unauthorized attacker to disclose information on the iView…
CVE-2022-3323 — CVSS 7.5 (high): An SQL injection vulnerability in Advantech iView 5.7.04.6469. The specific flaw exists within the ConfigurationServlet endpoint, which…
CVE-2023-52335 — CVSS 7.5 (high): Advantech iView ConfigurationServlet SQL Injection Information Disclosure Vulnerability. This vulnerability allows remote attackers to…
CVE-2022-50595 — CVSS 7.2 (high): Advantech iView versions prior to v5.7.04 build 6425 contain a vulnerability within the SNMP management tool that allows for remote…
CVE-2022-50592 — CVSS 7.2 (high): Advantech iView versions prior to v5.7.04 build 6425 contain a vulnerability within the SNMP management tool that allows for remote…
CVE-2022-2139 — CVSS 6.5 (medium): The affected product is vulnerable to directory traversal, which may allow an attacker to access unauthorized files and execute arbitrary…
CVE-2025-53509 — CVSS 6.5 (medium): A vulnerability exists in Advantech iView that allows for argument injection in the NetworkServlet.restoreDatabase(). This issue requires…
CVE-2025-53519 — CVSS 5.4 (medium): A vulnerability exists in Advantech iView versions prior to 5.7.05 build 7057, which could allow a reflected cross-site scripting (XSS)…
CVE-2025-41442 — CVSS 5.4 (medium): A vulnerability exists in Advantech iView versions prior to 5.7.05 build 7057, which could allow a reflected cross-site scripting (XSS)…
CVE-2025-53397 — CVSS 5.4 (medium): A vulnerability exists in Advantech iView versions prior to 5.7.05 build 7057, which could allow a reflected cross-site scripting (XSS)…
CVE-2022-2137 — CVSS 4.9 (medium): The affected product is vulnerable to two SQL injections that require high privileges for exploitation and may allow an unauthorized…
CVE-2025-46704 — CVSS 4.3 (medium): A vulnerability exists in Advantech iView in NetworkServlet.processImportRequest() that could allow for a directory traversal attack. This…