Aveva

Aveva Edge

10 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.8

CVE-2022-28685

  • EPSS 14.66%
  • Published 29.03.2023 19:15:11
  • Last modified 18.02.2025 16:15:09

This vulnerability allows remote attackers to execute arbitrary code on affected installations of AVEVA Edge 2020 SP2 Patch 0(4201.2111.1802.0000). User interaction is required to exploit this vulnerability in that the target must visit a malicious p...

7.8

CVE-2022-28686

  • EPSS 1.33%
  • Published 29.03.2023 19:15:11
  • Last modified 18.02.2025 17:15:12

This vulnerability allows remote attackers to execute arbitrary code on affected installations of AVEVA Edge 2020 SP2 Patch 0(4201.2111.1802.0000). User interaction is required to exploit this vulnerability in that the target must visit a malicious p...

7.8

CVE-2022-28687

  • EPSS 1.33%
  • Published 29.03.2023 19:15:11
  • Last modified 18.02.2025 17:15:12

This vulnerability allows remote attackers to execute arbitrary code on affected installations of AVEVA Edge 2020 SP2 Patch 0(4201.2111.1802.0000). User interaction is required to exploit this vulnerability in that the target must visit a malicious p...

7.8

CVE-2022-28688

  • EPSS 1.37%
  • Published 29.03.2023 19:15:11
  • Last modified 18.02.2025 17:15:12

This vulnerability allows remote attackers to execute arbitrary code on affected installations of AVEVA Edge 2020 SP2 Patch 0(4201.2111.1802.0000). User interaction is required to exploit this vulnerability in that the target must visit a malicious p...

7.1

CVE-2022-36969

  • EPSS 2.64%
  • Published 29.03.2023 19:15:11
  • Last modified 18.02.2025 17:15:13

This vulnerability allows remote attackers to disclose sensitive information on affected installations of AVEVA Edge 2020 SP2 Patch 0(4201.2111.1802.0000). User interaction is required to exploit this vulnerability in that the target must visit a mal...

7.8

CVE-2022-36970

  • EPSS 1.79%
  • Published 29.03.2023 19:15:11
  • Last modified 21.11.2024 07:14:10

This vulnerability allows remote attackers to execute arbitrary code on affected installations of AVEVA Edge 20.0 Build: 4201.2111.1802.0000 Service Pack 2. User interaction is required to exploit this vulnerability in that the target must visit a ma...

2.1

CVE-2015-0999

  • EPSS 0.06%
  • Published 29.03.2015 10:59:08
  • Last modified 12.04.2025 10:46:40

Schneider Electric InduSoft Web Studio before 7.1.3.4 SP3 Patch 4 and InTouch Machine Edition 2014 before 7.1.3.4 SP3 Patch 4 store cleartext OPC User credentials in a configuration file, which allows local users to obtain sensitive information by re...

3.3

CVE-2015-0998

  • EPSS 0.23%
  • Published 29.03.2015 10:59:07
  • Last modified 12.04.2025 10:46:40

Schneider Electric InduSoft Web Studio before 7.1.3.4 SP3 Patch 4 and InTouch Machine Edition 2014 before 7.1.3.4 SP3 Patch 4 transmit cleartext credentials, which allows remote attackers to obtain sensitive information by sniffing the network.

5

CVE-2015-0997

  • EPSS 0.6%
  • Published 29.03.2015 10:59:06
  • Last modified 12.04.2025 10:46:40

Schneider Electric InduSoft Web Studio before 7.1.3.4 SP3 Patch 4 and InTouch Machine Edition 2014 before 7.1.3.4 SP3 Patch 4 provide an HMI user interface that lists all valid usernames, which makes it easier for remote attackers to obtain access vi...

2.1

CVE-2015-0996

  • EPSS 0.06%
  • Published 29.03.2015 10:59:05
  • Last modified 12.04.2025 10:46:40

Schneider Electric InduSoft Web Studio before 7.1.3.4 SP3 Patch 4 and InTouch Machine Edition 2014 before 7.1.3.4 SP3 Patch 4 rely on a hardcoded cleartext password to control read access to Project files and Project Configuration files, which makes ...