Lucene search
K

7 matches found

CVE
CVE
added 2023/11/15 4:22 p.m.75 views

CVE-2023-33873

CVE-2023-33873 describes a local privilege-escalation on AVEVA Operations Control Logger and related AVEVA products (e.g., AVEVA System Platform, Historian, Application Server, InTouch, and more listed in the ICS advisory). The vulnerability allows a local OS-authenticated user with standard priv...

7.8CVSS7.9AI score0.00236EPSS
CVE
CVE
added 2023/11/15 4:28 p.m.69 views

CVE-2023-34982

CVE-2023-34982 affects AVEVA Operations Control Logger (external control of file name or path). A local OS-authenticated user with standard privileges could delete files with System privileges, leading to denial of service. The CVE is discussed across multiple sources (NVD entry and AVEVA/ICS adv...

7.1CVSS6.1AI score0.00219EPSS
CVE
CVE
added 2018/11/02 1:0 p.m.59 views

CVE-2018-17916

Summary: CVE-2018-17916 affects Schneider Electric/AVEVA InduSoft Web Studio (pre-8.1 SP2) and InTouch Edge HMI (pre-2017 SP2). A remote attacker can trigger a stack-based buffer overflow during tag/alarm/event actions (read/write) via a crafted packet, potentially executing arbitrary code with t...

10CVSS9.6AI score0.03733EPSS
CVE
CVE
added 2023/12/16 12:0 a.m.57 views

CVE-2021-42796

CVE-2021-42796 affects AVEVA Edge (formerly InduSoft Web Studio) pre-2020 R2. The vulnerability is in the ExecuteCommand() function (stadosvr.exe) and allows unauthenticated arbitrary commands to execute, via improper access control. The issue is documented with a base CVSS v3.1 score of 9.8 (Net...

9.8CVSS9.4AI score0.01133EPSS
CVE
CVE
added 2023/12/16 12:0 a.m.53 views

CVE-2021-42794

AVEVA Edge (formerly InduSoft Web Studio)

5.3CVSS5.1AI score0.01199EPSS
CVE
CVE
added 2023/12/16 12:0 a.m.48 views

CVE-2021-42797

CVE-2021-42797 — AVEVA Edge (formerly InduSoft Web Studio) : Path traversal in AVEVA Edge versions R2020 and prior allows an unauthenticated user to disclose the Windows access token used for external DB resources. Affected product: AVEVA Edge; vulnerable component(s): runtime/installation flow t...

7.5CVSS7.5AI score0.01EPSS
CVE
CVE
added 2018/11/02 1:0 p.m.47 views

CVE-2018-17914

CVE-2018-17914 affects Schneider Electric InduSoft Web Studio <8.1 SP2 and InTouch Edge HMI

10CVSS9.5AI score0.04567EPSS