Support Us — Your donation helps us keep running

Goal: 1000 CNY,Raised: 1000 CNY

100.0%
Donate Now
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2021-38410
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
AVEVA PCS Portal Uncontrolled Search Path Element
Source: NVD (National Vulnerability Database)
Vulnerability Description
AVEVA Software Platform Common Services (PCS) Portal versions 4.5.2, 4.5.1, 4.5.0, and 4.4.6 are vulnerable to DLL hijacking through an uncontrolled search path element, which may allow an attacker control to one or more locations in the search path.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
AVEVA System Platform 代码问题漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
AVEVA System Platform是英国AVEVA公司的一个应用软件。用于监管、企业 SCADA、MES 和 IIoT 应用程序的响应迅速、标准驱动且可扩展的基础。 AVEVA System Platform Common Services (PCS) Portal 存在代码问题漏洞,该漏洞源于通过不受控制的搜索路径元素,受影响的产品容易受到 DLL 劫持,这可能允许攻击者控制搜索路径中的一个或多个位置。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
VendorProductAffected VersionsCPESubscribe
AVEVAPlatform Common Services (PCS) Portal 4.5.2 -
II. Public POCs for CVE-2021-38410
#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC
III. Intelligence Information for CVE-2021-38410
Please Login to view more intelligence information
New Vulnerabilities
Vendor: AVEVA
V. Comments for CVE-2021-38410

No comments yet

Leave a comment