HIGH🚩 CISA KEV⚡ EXPLOIT🇵🇱 Wersja polska

CVE-2016-4523

CVSS 7.5v3.1pub. 2016-06-09upd. 2026-04-22

The WAP interface in Trihedral VTScada (formerly VTS) 8.x through 11.x before 11.2.02 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via unspecified vectors.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  • Trihedral Vtscada

    APP
    Trihedral
    8.0.05 – 11.2.02 (bez)

CISA KEV — detailsi

Vendori
Trihedral
Producti
VTScada (formerly VTS)
Added to KEVi
April 15, 2022
Remediation deadline (US Federal)i
May 6, 2022(overdue)
Required action (CISA)i

Apply updates per vendor instructions.

CISA descriptioni

The WAP interface in Trihedral VTScada (formerly VTS) allows remote attackers to cause a denial-of-service (DoS).

🔴
IMMEDIATE ACTION
Actively exploited in the wild (CISA KEV). Patch immediately.
CISA DEADLINE: 6 maja 2022
Tags
DoSMemory
CWE
References

Related vulnerabilities

CVE-2016-4510CRITICAL9.1ten sam produkt

The WAP interface in Trihedral VTScada (formerly VTS) 8.x through 11.x before 11.2.02 allows remote attackers ...

CVE-2016-4532CRITICAL9.1ten sam produkt

Directory traversal vulnerability in the WAP interface in Trihedral VTScada (formerly VTS) 8.x through 11.x be...

CVE-2022-3181HIGH7.5ten sam produkt

An Improper Input Validation vulnerability exists in Trihedral VTScada version 12.0.38 and prior. A specifical...

CVE-2017-14031HIGH7.8ten sam produkt

An Improper Access Control issue was discovered in Trihedral VTScada 11.3.03 and prior. A local, non-administr...

CVE-2017-14029HIGH7.8ten sam produkt

An Uncontrolled Search Path Element issue was discovered in Trihedral VTScada 11.3.03 and prior. The program w...