Lucene search
K

AVEVA Edge 2020 R2 SP1 and all prior versions

🗓️ 06 Sep 2022 00:00:00Reported by Industrial Control Systems Cyber Emergency Response TeamType 
ics
 ics
🔗 www.cisa.gov👁 77 Views

AVEVA Edge 2020 R2 SP1 and prior versions have insufficient UI warning, uncontrolled search path, deserialization of untrusted data, and improper restriction of XML external entity reference leading to arbitrary code execution, information disclosure, and denial of service

Related
Refs
ReporterTitlePublishedViews
Family
BDU FSTEC
The vulnerability of the AVEVA Edge SCADA system, related to the restoration of unreliable data in memory, allows a intruder to execute arbitrary code.
22 Aug 202200:00
bdu_fstec
BDU FSTEC
The vulnerability of the AVEVA Edge SCADA system, related to the uncontrolled element in the search process, allows a intruder to execute arbitrary commands or increase their privileges.
22 Aug 202200:00
bdu_fstec
BDU FSTEC
The vulnerability of the AVEVA Edge SCADA system, related to the uncontrolled element in the search process, allows a intruder to execute arbitrary commands or increase their privileges.
22 Aug 202200:00
bdu_fstec
BDU FSTEC
The vulnerability of the AVEVA Edge SCADA system, related to the uncontrolled element in the search process, allows a intruder to execute arbitrary commands or increase their privileges.
22 Aug 202200:00
bdu_fstec
BDU FSTEC
The vulnerability of the AVEVA Edge SCADA system, related to incorrect restrictions on XML references to external objects, allows a intruder to trigger a service failure or gain unauthorized access to confidential data.
22 Aug 202200:00
bdu_fstec
BDU FSTEC
The vulnerability of the SCADA system AVEVA Edge’s script creation function, related to insufficient warning for dangerous actions, allows a violator to execute arbitrary code.
22 Aug 202200:00
bdu_fstec
Circl
CVE-2022-28685
29 Mar 202322:16
circl
Circl
CVE-2022-28686
18 Feb 202521:11
circl
Circl
CVE-2022-28687
18 Feb 202521:11
circl
Circl
CVE-2022-28688
18 Feb 202521:11
circl
Rows per page

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation