4 matches found
CVE-2018-14818
Wecon PI Studio HMI/PI Studio contain a stack-based buffer overflow vulnerability (CVE-2018-14818) affecting PI Studio HMI <=4.1.9 and PI Studio <=4.2.34 (also reflected in ICS advisory updates for PI Studio <=4.1.9 and
CVE-2018-14810
CVE-2018-14810 affects WECON PI Studio HMI: parsing of specific files can write past the end of an allocated object in PI Studio HMI 4.1.9 and earlier and PI Studio 4.2.34 and earlier, enabling code execution with administrator privileges. Notable connected sources confirm related out-of-bounds w...
CVE-2018-14814
PI Studio HMI from Wecon (PI Studio HMI: v4.1.9 and earlier; PI Studio: v4.2.34 and earlier) is affected by an out-of-bounds read (CWE-125) due to improper validation of user-supplied data, potentially reading beyond an allocated object and causing information disclosure. Multiple sources corrobo...
CVE-2018-17889
Wecon PI Studio HMI and PI Studio are affected by an XML External Entity (XXE) vulnerability in the XMLParser used when parsing project files. The issue, identified as CVE-2018-17889, is in PI Studio HMI 4.1.9 and earlier and PI Studio 4.2.34 and earlier (per CVE records). Connected sources also ...