Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistIcscertCVELIST:CVE-2018-10628
HistoryJul 19, 2018 - 12:00 a.m.

CVE-2018-10628

2018-07-1900:00:00
CWE-121
icscert
www.cve.org

10 High

AI Score

Confidence

High

0.037 Low

EPSS

Percentile

91.8%

JSON

AVEVA InTouch 2014 R2 SP1 and prior, InTouch 2017, InTouch 2017 Update 1, and InTouch 2017 Update 2 allow an unauthenticated user to send a specially crafted packet that could overflow the buffer on a locale not using a dot floating point separator. Exploitation could allow remote code execution under the privileges of the InTouch View process.

CNA Affected

[
  {
    "product": "InTouch",
    "vendor": "AVEVA Software, LLC.",
    "versions": [
      {
        "status": "affected",
        "version": "2014 R2 SP1 and prior"
      },
      {
        "status": "affected",
        "version": "2017"
      },
      {
        "status": "affected",
        "version": "2017 Update 1"
      },
      {
        "status": "affected",
        "version": "2017 Update 2"
      }
    ]
  }
]

Related

ics 1
prion 1
nvd 1
cve 1
ics
ics
AVEVA InTouch
2018-07-19 12:00:00
prion
prion
Design/Logic Flaw
2018-07-24 18:29:00
nvd
nvd
CVE-2018-10628
2018-07-24 18:29:00
cve
cve
CVE-2018-10628
2018-07-24 18:29:00

10 High

AI Score

Confidence

High

0.037 Low

EPSS

Percentile

91.8%

JSON
Related for CVELIST:CVE-2018-10628
ics1prion1nvd1cve1