AI Score
Confidence
High
EPSS
Percentile
73.7%
Invensys Wonderware InTouch 8.0 creates a NetDDE share with insecure permissions (Everyone/Full Control), which allows remote authenticated attackers, and possibly anonymous users, to execute arbitrary programs.
osvdb.org/42398
pacwest.wonderware.com/web/News/NewsDetails.aspx?NewsThreadID=2&NewsID=201804
secunia.com/advisories/27751
www.digitalbond.com/index.php/2007/11/19/wonderware-intouch-80-netdde-vulnerability-s4-preview/
www.kb.cert.org/vuls/id/138633
www.securityfocus.com/bid/26496