VDB
ICSA-22-326-01
ICSA-22-326-01
PUBLISHED
CVSS 7.800000190734863 HIGH
Successful exploitation of these vulnerabilities could allow an attacker to insert malicious DLL files and trick the application into executing code.
Risk Scores
CVSS 3.1
7.800000190734863
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Edge - AVEVA Edge 2020 R2 SP1 w/ HF 2020.2.00.40 | ||
| Edge - AVEVA Edge 2020 R2 SP1 | ||
| Edge - AVEVA Edge 2020 R2 and all prior versions (formerly known as InduSoft Web Studio) |
Timeline
- Nov 22, 2022 CVE Published
References
- https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2022/icsa-22-326-01.json advisory
- https://www.cisa.gov/news-events/ics-advisories/icsa-22-326-01 advisory
- https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01 url
- https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf url
- https://softwaresupportsp.aveva.com/#/producthub/details?id=bd805851-0c68-4343-15ee-08da9a4aa617 fix