CISA has released an advisory on code injection, command injection, stack-based buffer overflow, and improper authorization vulnerabilities in Advantech WebAccess. Versions 8.4.1 and prior are affected. Successful exploitation of these vulnerabilities could allow an attacker to execute arbitrary code, access files and perform actions at a privileged level, or delete files on the system. Advantech has released Version 8.4.2 of WebAccessNode to address the reported vulnerabilities. CISA also recommends a series of measures to mitigate the vulnerabilities. Read the advisory at CISA.