Skip to main content

Web Studio

5 CVEs product

Monthly

CVE-2018-8840 CRITICAL Act Now

A remote attacker could send a carefully crafted packet in InduSoft Web Studio v8.1 and prior versions, and/or InTouch Machine Edition 2017 v8.1 and prior versions during a tag, alarm, or event. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Stack Overflow Web Studio Intouch Machine Edition 2017
NVD
CVSS 3.0
9.8
EPSS
8.4%
CVE-2015-7375 HIGH This Week

Schneider Electric InduSoft Web Studio before 8.0 allows remote attackers to execute arbitrary code or cause a denial of service (unhandled runtime exception and application crash) via a crafted. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Schneider Electric RCE Web Studio
NVD
CVSS 2.0
7.5
EPSS
0.8%
CVE-2015-7374 HIGH This Week

The Remote Agent component in Schneider Electric InduSoft Web Studio before 8.0 allows remote attackers to execute arbitrary code via unspecified vectors, aka ZDI-CAN-2649. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Schneider Electric RCE Web Studio
NVD
CVSS 2.0
7.5
EPSS
1.8%
CVE-2015-1009 LOW Monitor

Schneider Electric InduSoft Web Studio before 7.1.3.5 Patch 5 and Wonderware InTouch Machine Edition through 7.1 SP3 Patch 4 use cleartext for project-window password storage, which allows local. Rated low severity (CVSS 1.7), this vulnerability is low attack complexity. No vendor patch available.

Schneider Electric Information Disclosure Web Studio Intouch
NVD
CVSS 2.0
1.7
EPSS
0.1%
CVE-2013-1627 HIGH POC This Week

Absolute path traversal vulnerability in NTWebServer.exe in Indusoft Studio 7.0 and earlier and Advantech Studio 7.0 and earlier allows remote attackers to read arbitrary files via a full pathname in. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Advantech Studio Web Studio
NVD Exploit-DB
CVSS 2.0
7.8
EPSS
9.0%
EPSS 8% CVSS 9.8
CRITICAL Act Now

A remote attacker could send a carefully crafted packet in InduSoft Web Studio v8.1 and prior versions, and/or InTouch Machine Edition 2017 v8.1 and prior versions during a tag, alarm, or event. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Stack Overflow +2
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Schneider Electric InduSoft Web Studio before 8.0 allows remote attackers to execute arbitrary code or cause a denial of service (unhandled runtime exception and application crash) via a crafted. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Schneider Electric RCE +1
NVD
EPSS 2% CVSS 7.5
HIGH This Week

The Remote Agent component in Schneider Electric InduSoft Web Studio before 8.0 allows remote attackers to execute arbitrary code via unspecified vectors, aka ZDI-CAN-2649. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Schneider Electric RCE Web Studio
NVD
EPSS 0% CVSS 1.7
LOW Monitor

Schneider Electric InduSoft Web Studio before 7.1.3.5 Patch 5 and Wonderware InTouch Machine Edition through 7.1 SP3 Patch 4 use cleartext for project-window password storage, which allows local. Rated low severity (CVSS 1.7), this vulnerability is low attack complexity. No vendor patch available.

Schneider Electric Information Disclosure Web Studio +1
NVD
EPSS 9% CVSS 7.8
HIGH POC This Week

Absolute path traversal vulnerability in NTWebServer.exe in Indusoft Studio 7.0 and earlier and Advantech Studio 7.0 and earlier allows remote attackers to read arbitrary files via a full pathname in. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Advantech Studio Web Studio
NVD Exploit-DB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy