RSS   Vulnerabilities for 'Intouch 2014'   RSS

2018-07-24
 
CVE-2018-10628

CWE-119
 

 
AVEVA InTouch 2014 R2 SP1 and prior, InTouch 2017, InTouch 2017 Update 1, and InTouch 2017 Update 2 allow an unauthenticated user to send a specially crafted packet that could overflow the buffer on a locale not using a dot floating point separator. Exploitation could allow remote code execution under the privileges of the InTouch View process.

 

 >>> Vendor: Aveva 11 Products
Suitelink
Clearscada
Indusoft web studio
Intouch machine 2017
Intouch 2014
Intouch 2017
Intouch edge hmi
Intouch machine edition 2014
Wonderware system platform
Edna enterprise data historian
System platform


Copyright 2024, cxsecurity.com

 

Back to Top