Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
AVEVA InTouch 2014 R2 SP1 and prior, InTouch 2017, InTouch 2017 Update 1, and InTouch 2017 Update 2 allow an unauthenticated user to send a specially crafted packet that could overflow the buffer on a locale not using a dot floating point separator. Exploitation could allow remote code execution under the privileges of the InTouch View process.
CVSS Information
N/A
Vulnerability Type
栈缓冲区溢出
Vulnerability Title
AVEVA InTouch 安全漏洞
Vulnerability Description
AVEVA InTouch是英国AVEVA Group plc公司的一套嵌入式HMI软件包。该产品为HMI客户端提供读取、写入标签和事件监控功能。 AVEVA InTouch中存在安全漏洞。远程攻击者可通过发送特制的数据包利用该漏洞以InTouch View进程权限执行代码。以下版本受到影响:AVEVA InTouch 2014 R2 SP1及之前版本,InTouch 2017版本,InTouch 2017 Update 1版本,InTouch 2017 Update 2版本。
CVSS Information
N/A
Vulnerability Type
N/A