Skip to main content

Wonderware Intouch

4 CVEs product

Monthly

CVE-2017-14024 CRITICAL Act Now

A Stack-based Buffer Overflow issue was discovered in Schneider Electric InduSoft Web Studio v8.0 SP2 Patch 1 and prior versions, and InTouch Machine Edition v8.0 SP2 Patch 1 and prior versions. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Schneider Electric Wonderware Indusoft Web Studio Wonderware Intouch
NVD
CVSS 3.0
9.8
EPSS
3.5%
CVE-2017-13997 CRITICAL Act Now

A Missing Authentication for Critical Function issue was discovered in Schneider Electric InduSoft Web Studio v8.0 SP2 or prior, and InTouch Machine Edition v8.0 SP2 or prior. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Schneider Electric Wonderware Indusoft Web Studio Wonderware Intouch
NVD
CVSS 3.0
9.8
EPSS
1.6%
CVE-2012-4709 MEDIUM This Month

Invensys Wonderware InTouch HMI 2012 R2 and earlier allows remote attackers to read arbitrary files, send HTTP requests to intranet servers, or cause a denial of service (CPU and memory consumption). Rated medium severity (CVSS 6.9). No vendor patch available.

Buffer Overflow Denial Of Service XXE Wonderware Intouch
NVD
CVSS 2.0
6.9
EPSS
0.2%
CVE-2012-4693 LOW Monitor

Invensys Wonderware InTouch 2012 R2 and earlier and Siemens ProcessSuite use a weak encryption algorithm for data in Ps_security.ini, which makes it easier for local users to discover passwords by. Rated low severity (CVSS 1.9). No vendor patch available.

Siemens Information Disclosure Wonderware Intouch Processsuite
NVD
CVSS 2.0
1.9
EPSS
0.1%
EPSS 4% CVSS 9.8
CRITICAL Act Now

A Stack-based Buffer Overflow issue was discovered in Schneider Electric InduSoft Web Studio v8.0 SP2 Patch 1 and prior versions, and InTouch Machine Edition v8.0 SP2 Patch 1 and prior versions. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Schneider Electric +2
NVD
EPSS 2% CVSS 9.8
CRITICAL Act Now

A Missing Authentication for Critical Function issue was discovered in Schneider Electric InduSoft Web Studio v8.0 SP2 or prior, and InTouch Machine Edition v8.0 SP2 or prior. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Schneider Electric Wonderware Indusoft Web Studio +1
NVD
EPSS 0% CVSS 6.9
MEDIUM This Month

Invensys Wonderware InTouch HMI 2012 R2 and earlier allows remote attackers to read arbitrary files, send HTTP requests to intranet servers, or cause a denial of service (CPU and memory consumption). Rated medium severity (CVSS 6.9). No vendor patch available.

Buffer Overflow Denial Of Service XXE +1
NVD
EPSS 0% CVSS 1.9
LOW Monitor

Invensys Wonderware InTouch 2012 R2 and earlier and Siemens ProcessSuite use a weak encryption algorithm for data in Ps_security.ini, which makes it easier for local users to discover passwords by. Rated low severity (CVSS 1.9). No vendor patch available.

Siemens Information Disclosure Wonderware Intouch +1
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy