VDB

ICSA-22-130-05

ICSA-22-130-05 PUBLISHED CVSS 7.400000095367432 HIGH

Successful exploitation of this vulnerability could allow an authenticated user to escape from the context of the streamed application into the OS and launch arbitrary OS commands.

Risk Scores

CVSS 3.1
7.400000095367432
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L

Affected Products

VendorProductVersions
AVEVA Plant SCADA Access Anywhere (formerly known as AVEVA Citect Anywhere and Schneider Electric Citect Anywhere): All versions
AVEVA InTouch Access Anywhere: All versions

Timeline

  • May 10, 2022 CVE Published
Open in Interactive Console →
$ Console Community · 100/wk Open console ›