5 matches found
CVE-2019-6545
CVE-2019-6545 affects AVEVA InduSoft Web Studio prior to 8.1 SP3 and InTouch Edge HMI prior to 2017 Update. An unauthenticated remote attacker can trigger arbitrary process execution on the server by supplying a specially crafted database connection configuration file. Public sources document a r...
CVE-2019-6543
Summary: CVE-2019-6543 affects AVEVA InduSoft Web Studio versions before 8.1 SP3 and InTouch Edge HMI (formerly InTouch Machine Edition) before 2017 Update. The flaw allows code to be executed with program runtime privileges due to missing authentication for a critical function (and related resou...
CVE-2018-10620
Affected software: Aveva InduSoft Web Studio (v8.1 and v8.1SP1) and InTouch Machine Edition (v2017 8.1 and v2017 8.1 SP1). Root cause: stack-based buffer overflow triggered by remote-crafted network packets during tag, alarm, or event actions (read/write). Impact: remote code execution or applica...
CVE-2018-17916
Summary: CVE-2018-17916 affects Schneider Electric/AVEVA InduSoft Web Studio (pre-8.1 SP2) and InTouch Edge HMI (pre-2017 SP2). A remote attacker can trigger a stack-based buffer overflow during tag/alarm/event actions (read/write) via a crafted packet, potentially executing arbitrary code with t...
CVE-2018-17914
CVE-2018-17914 affects Schneider Electric InduSoft Web Studio <8.1 SP2 and InTouch Edge HMI