PT-2024-8348 · Aveva · Aveva Reports For Operations

Published: 2024-07-09 · Updated: 2024-08-14 · CVE-2024-6618

CVSS v4.0: 8.5 (High)

Vector: AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Name of the Vulnerable Software and Affected Versions

Dream Report versions (affected versions not specified)
AVEVA Reports for Operations versions (affected versions not specified)

Description

The issue stems from errors in processing a relative path to a directory, which could allow an attacker to achieve remote code execution by injecting a malicious dynamic-link library (DLL).

Recommendations

For Dream Report, consider restricting access to vulnerable directories to minimize the risk of exploitation. For AVEVA Reports for Operations, avoid using relative paths in directory processing until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Weakness Enumeration

Path traversal

Related Identifiers

BDU:2024-09904
CVE-2024-6618

Affected Products

Aveva Reports For Operations