CRITICAL🇵🇱 Wersja polska

CVE-2018-10620

CVSS 9.8v3.1pub. 2018-07-19upd. 2024-11-21

AVEVA InduSoft Web Studio v8.1 and v8.1SP1, and InTouch Machine Edition v2017 8.1 and v2017 8.1 SP1 a remote user could send a carefully crafted packet to exploit a stack-based buffer overflow vulnerability during tag, alarm, or event related actions such as read and write, with potential for code to be executed.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Aveva Indusoft Web Studio

    APP
    Aveva
    8.1
  • Aveva Intouch Machine 2017

    APP
    Aveva
    8.1
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
Memory
CWE
References

Related vulnerabilities

CVE-2019-6543CRITICAL9.8ten sam produkt

AVEVA Software, LLC InduSoft Web Studio prior to Version 8.1 SP3 and InTouch Edge HMI (formerly InTouch Machin...

CVE-2018-17914CRITICAL9.8ten sam produkt

InduSoft Web Studio versions prior to 8.1 SP2, and InTouch Edge HMI (formerly InTouch Machine Edition) version...

CVE-2018-17916CRITICAL9.8ten sam produkt

InduSoft Web Studio versions prior to 8.1 SP2, and InTouch Edge HMI (formerly InTouch Machine Edition) version...

CVE-2019-6545HIGH7.5ten sam produkt

AVEVA Software, LLC InduSoft Web Studio prior to Version 8.1 SP3 and InTouch Edge HMI (formerly InTouch Machin...

CVE-2025-61937CRITICAL10.0PL ✓ten sam vendor

RCE z uprawnieniami systemowymi w Aveva Process Optimization