HIGH✓ PATCH🇬🇧 English

CVE-2023-33873

CVSS 7.8v3.1pub. 2023-11-15upd. 2024-11-21

This privilege escalation vulnerability, if exploited, cloud allow a local OS-authenticated user with standard privileges to escalate to System privilege on the machine where these products are installed, resulting in complete compromise of the target machine.

oryginał EN
CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • Aveva Batch Management

    APP
    Aveva
    2020< 2020
  • Aveva Communication Drivers

    APP
    Aveva
    2020< 2020
  • Aveva Edge

    APP
    Aveva
    ≤ 20.1.101
  • Aveva Enterprise Licensing

    APP
    Aveva
    ≤ 3.7.002
  • Aveva Historian

    APP
    Aveva
    2020< 2020
  • Aveva Intouch

    APP
    Aveva
    2020< 2020
  • Aveva Manufacturing Execution System

    APP
    Aveva
    2020< 2020
  • Aveva Mobile Operator

    APP
    Aveva
    2020< 2020
  • Aveva Plant Scada

    APP
    Aveva
    2020< 2020
  • Aveva Recipe Management

    APP
    Aveva
    2020< 2020
  • Aveva System Platform

    APP
    Aveva
    2020< 2020
  • Aveva Telemetry Server

    APP
    Aveva
    2020r2
  • Aveva Work Tasks

    APP
    Aveva
    2020< 2020
🟢
PATCH DOSTĘPNY
Aktualizacja od producenta gotowa. Wdrożenie w ramach standardowego cyklu.
Tagi
LPE
CWE
Referencje

Powiązane podatności

CVE-2021-42796CRITICAL9.8PL ✓ten sam produkt

AVEVA Edge: nieuwierzytelnione zdalne wykonanie poleceń (RCE) w ExecuteCommand()

CVE-2023-1256CRITICAL9.8ten sam produkt

The listed versions of AVEVA Plant SCADA and AVEVA Telemetry Server are vulnerable to an improper authorizatio...

CVE-2018-17914CRITICAL9.8ten sam produkt

InduSoft Web Studio versions prior to 8.1 SP2, and InTouch Edge HMI (formerly InTouch Machine Edition) version...

CVE-2018-17916CRITICAL9.8ten sam produkt

InduSoft Web Studio versions prior to 8.1 SP2, and InTouch Edge HMI (formerly InTouch Machine Edition) version...

CVE-2023-6132HIGH7.3ten sam produkt

The vulnerability, if exploited, could allow a malicious entity with access to the file system to achieve arb...