CVE-2018-10620

Summary

AVEVA InduSoft Web Studio v8.1 and v8.1SP1, and InTouch Machine Edition v2017 8.1 and v2017 8.1 SP1 a remote user could send a carefully crafted packet to exploit a stack-based buffer overflow vulnerability during tag, alarm, or event related actions such as read and write, with potential for code to be executed.

Affected Software

VendorProductVersion RangeStatus
AVEVA Software, LLCInduSoft Web Studiov8.1 and v8.1SP1affected
AVEVA Software, LLCInTouch Machine Editionv2017 8.1 and v2017 8.1 SP1affected

Weaknesses

  • CWE-121: STACK-BASED BUFFER OVERFLOW CWE-121

ADP Enrichment

CVE Program Container

Additional References

References