PT-2022-10171 · Aveva · Aveva System Platform

Sharon Brizinov

Published

2022-04-04

Updated

2022-04-13

CVE-2021-32977

CVSS v3.1

7.2

High

Vector

AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions AVEVA System Platform versions 2017 through 2020 R2 P01

Description The issue is related to the verification of cryptographic signatures for data. Specifically, the software does not verify, or incorrectly verifies, these signatures.

Recommendations For AVEVA System Platform versions 2017 through 2020 R2 P01, at the moment, there is no information about a newer version that contains a fix for this issue.

Fix

Improper Verification of Cryptographic Signature

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-347

Related Identifiers

CVE-2021-32977

Affected Products

Aveva System Platform

PT-2022-10171 · Aveva · Aveva System Platform

CVE-2021-32977

Weakness Enumeration

Related Identifiers

Affected Products

References · 5