PT-2018-14266 · Indusoft+1 · Indusoft Web Studio+1

Publicado

2018-11-02

Atualizado

2021-04-08

CVE-2018-17914

CVSS v3.1

Crítica

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions InduSoft Web Studio versions prior to 8.1 SP2 InTouch Edge HMI (formerly InTouch Machine Edition) versions prior to 2017 SP2

Description This issue could allow an unauthenticated user to remotely execute code with the same privileges as that of the InduSoft Web Studio or InTouch Edge HMI runtime.

Recommendations For InduSoft Web Studio versions prior to 8.1 SP2, update to version 8.1 SP2 or later. For InTouch Edge HMI (formerly InTouch Machine Edition) versions prior to 2017 SP2, update to version 2017 SP2 or later.

Exploit

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-258

Identificadores relacionados

CVE-2018-17914

Produtos afetados

Intouch Edge Hmi

Indusoft Web Studio

PT-2018-14266 · Indusoft+1 · Indusoft Web Studio+1

CVE-2018-17914

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 5