Intouch 2020 Security Vulnerabilities

CVE-2023-33873

This privilege escalation vulnerability, if exploited, cloud allow a local OS-authenticated user with standard privileges to escalate to System privilege on the machine where these products are installed, resulting in complete compromise of the target...

CVE-2023-34982

This external control vulnerability, if exploited, could allow a local OS-authenticated user with standard privileges to delete files with System privilege on the machine where these products are installed, resulting in denial of...

CVE-2022-23854

AVEVA InTouch Access Anywhere versions 2020 R2 and older are vulnerable to a path traversal exploit that could allow an unauthenticated user with network access to read files on the system outside of the secure gateway web...

CVE-2021-32979

Null pointer dereference in SuiteLink server while processing commands...

CVE-2021-32987

Null pointer dereference in SuiteLink server while processing command...

CVE-2021-32999

Improper handling of exceptional conditions in SuiteLink server while processing command...

CVE-2021-32971

Null pointer dereference in SuiteLink server while processing command...

CVE-2021-32959

Heap-based buffer overflow in SuiteLink server while processing commands...

CVE-2021-32963

Null pointer dereference in SuiteLink server while processing commands...

CVE-2021-32942

The vulnerability could expose cleartext credentials from AVEVA InTouch Runtime 2020 R2 and all prior versions (WindowViewer) if an authorized, privileged user creates a diagnostic memory dump of the process and saves it to a non-protected...