The NCCIC has published an advisory about command injection, stack-based buffer overflow, and improper access control vulnerabilities in Advantech WebAccess/SCADA. WebAccess/SCADA Versions 8.3.5 and prior are affected. Successful exploitation of these vulnerabilities may cause a denial of service and allow remote code execution. Advantech has released Version 8.4.0 of WebAccess/SCADA to address the reported vulnerabilities. The NCCIC also advises of a series of measures for mitigating these vulnerabilities. Read the advisory at NCCIC/ICS-CERT.