Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
aveva edge vulnerabilities and exploits
(subscribe to this query)
5.3
CVSSv3
CVE-2021-42794
An issue exists in AVEVA Edge (formerly InduSoft Web Studio) versions R2020 and prior. The application allows a client to provide a malicious connection string that could allow an adversary to port scan the LAN, depending on the hosts' responses.
Aveva Edge 2020
Aveva Edge
9.8
CVSSv3
CVE-2021-42796
An issue exists in ExecuteCommand() in AVEVA Edge (formerly InduSoft Web Studio) versions R2020 and prior that allows unauthenticated arbitrary commands to be executed.
Aveva Edge 2020
Aveva Edge
7.5
CVSSv3
CVE-2021-42797
Path traversal vulnerability in AVEVA Edge (formerly InduSoft Web Studio) versions R2020 and prior allows an unauthenticated user to steal the Windows access token of the user account configured for accessing external DB resources.
Aveva Edge 2020
Aveva Edge
7.8
CVSSv3
CVE-2022-28685
This vulnerability allows remote malicious users to execute arbitrary code on affected installations of AVEVA Edge 2020 SP2 Patch 0(4201.2111.1802.0000). User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious ...
Aveva Aveva Edge
7.8
CVSSv3
CVE-2022-28686
This vulnerability allows remote malicious users to execute arbitrary code on affected installations of AVEVA Edge 2020 SP2 Patch 0(4201.2111.1802.0000). User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious ...
Aveva Aveva Edge
7.8
CVSSv3
CVE-2022-28687
This vulnerability allows remote malicious users to execute arbitrary code on affected installations of AVEVA Edge 2020 SP2 Patch 0(4201.2111.1802.0000). User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious ...
Aveva Aveva Edge
7.8
CVSSv3
CVE-2022-28688
This vulnerability allows remote malicious users to execute arbitrary code on affected installations of AVEVA Edge 2020 SP2 Patch 0(4201.2111.1802.0000). User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious ...
Aveva Aveva Edge
7.1
CVSSv3
CVE-2022-36969
This vulnerability allows remote malicious users to disclose sensitive information on affected installations of AVEVA Edge 2020 SP2 Patch 0(4201.2111.1802.0000). User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a ma...
Aveva Aveva Edge
7.8
CVSSv3
CVE-2022-36970
This vulnerability allows remote malicious users to execute arbitrary code on affected installations of AVEVA Edge 20.0 Build: 4201.2111.1802.0000 Service Pack 2. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a m...
Aveva Aveva Edge
NA
CVE-2015-0997
Schneider Electric InduSoft Web Studio prior to 7.1.3.4 SP3 Patch 4 and InTouch Machine Edition 2014 prior to 7.1.3.4 SP3 Patch 4 provide an HMI user interface that lists all valid usernames, which makes it easier for remote malicious users to obtain access via a brute-force pass...
Aveva Aveva Edge
Schneider-electric Wonderware Intouch 2014
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »