Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 19/07/2018 Updated: 07/11/2023

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9

VMScore: 668

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

AVEVA InduSoft Web Studio v8.1 and v8.1SP1, and InTouch Machine Edition v2017 8.1 and v2017 8.1 SP1 a remote user could send a carefully crafted packet to exploit a stack-based buffer overflow vulnerability during tag, alarm, or event related actions such as read and write, with potential for code to be executed.

Vulnerable Product	Search on Vulmon	Subscribe to Product
aveva intouch machine 2017 8.1
aveva indusoft web studio 8.1

CWE-787 https://ics-cert.us-cert.gov/advisories/ICSA-18-200-01 https://www.tenable.com/security/research/tra-2018-19 http://www.securityfocus.com/bid/104870 https://sw.aveva.com/hubfs/assets-2018/pdf/security-bulletin/SecurityBulletin_LFSec128%28002%29.pdf https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2018-10620

Vulnerability Summary

Vulnerability Trend

References

Vulmon Search

About

Products

Connect