Vulnerabilites related to AVEVA - InTouch
CVE-2023-33873 (GCVE-0-2023-33873)
Vulnerability from cvelistv5
Published
2023-11-15 16:22
Modified
2024-11-21 20:10
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-250 - Execution with Unnecessary Privileges
Summary
This privilege escalation vulnerability, if exploited, cloud allow a local OS-authenticated user with standard privileges to escalate to System privilege on the machine where these products are installed, resulting in complete compromise of the target machine.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | AVEVA | SystemPlatform |
Version: 0 < |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T15:54:13.320Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-318-01"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.aveva.com/en/support-and-success/cyber-security-updates/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-33873",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-21T20:09:45.775149Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-21T20:10:00.423Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SystemPlatform",
"vendor": "AVEVA ",
"versions": [
{
"lessThanOrEqual": "2020 R2 SP1 P01",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Historian",
"vendor": "AVEVA ",
"versions": [
{
"lessThanOrEqual": "2020 R2 SP1 P01",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Application Server",
"vendor": "AVEVA ",
"versions": [
{
"lessThanOrEqual": "2020 R2 SP1 P01",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "InTouch",
"vendor": "AVEVA ",
"versions": [
{
"lessThanOrEqual": "2020 R2 SP1 P01",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Enterprise Licensing (formerly known as License Manager)",
"vendor": "AVEVA ",
"versions": [
{
"lessThanOrEqual": "3.7.002",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Manufacturing Execution System (formerly known as Wonderware MES)",
"vendor": "AVEVA ",
"versions": [
{
"lessThanOrEqual": "2020 P01",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Recipe Management",
"vendor": "AVEVA ",
"versions": [
{
"lessThanOrEqual": "2020 R2 Update 1 Patch 2 ",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Batch Management",
"vendor": "AVEVA ",
"versions": [
{
"lessThanOrEqual": "2020 SP1 ",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Edge (formerly known as Indusoft Web Studio)",
"vendor": "AVEVA ",
"versions": [
{
"lessThanOrEqual": "2020 R2 SP1 P01",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Worktasks (formerly known as Workflow Management)",
"vendor": "AVEVA ",
"versions": [
{
"lessThanOrEqual": "2020 U2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Plant SCADA (formerly known as Citect)",
"vendor": "AVEVA ",
"versions": [
{
"lessThanOrEqual": "2020 R2 Update 15",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Mobile Operator (formerly known as IntelaTrac Mobile Operator Rounds)",
"vendor": "AVEVA ",
"versions": [
{
"lessThanOrEqual": "2020 R1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Communication Drivers Pack",
"vendor": "AVEVA ",
"versions": [
{
"lessThanOrEqual": "2020 R2 SP1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Telemetry Server",
"vendor": "AVEVA ",
"versions": [
{
"lessThanOrEqual": "2020 R2 SP1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Lukasz Piotrowski from Equinor reported these vulnerabilities to AVEVA."
}
],
"datePublic": "2023-11-14T16:10:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eThis privilege escalation vulnerability, if exploited, cloud allow a local OS-authenticated user with standard privileges to escalate to System privilege on the machine where these products are installed, resulting in complete compromise of the target machine.\u003c/span\u003e\n\n"
}
],
"value": "\nThis privilege escalation vulnerability, if exploited, cloud allow a local OS-authenticated user with standard privileges to escalate to System privilege on the machine where these products are installed, resulting in complete compromise of the target machine.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-250",
"description": "CWE-250 Execution with Unnecessary Privileges ",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-11-15T16:22:31.927Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-318-01"
},
{
"url": "https://www.aveva.com/en/support-and-success/cyber-security-updates/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cp\u003eAVEVA recommends that organizations evaluate the impact of these vulnerabilities based on their operational environment, architecture, and product implementation. Users of affected products should apply security updates as soon as possible.\u003c/p\u003e\u003cp\u003eIn addition to applying security updates, users should follow these general precautions:\u003c/p\u003e\u003cul\u003e\u003cli\u003eEnsure that Guest or Anonymous local OS accounts are disabled.\u003c/li\u003e\u003cli\u003eEnsure that only trusted users are able to login on the nodes where the Operations Control Logger is running.\u003c/li\u003e\u003c/ul\u003e\u003cp\u003ePlease see \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.aveva.com/en/support-and-success/cyber-security-updates/\"\u003eAVEVA Security Bulletin number AVEVA-2023-003\u003c/a\u003e\u0026nbsp;for more information and for links for individual security updates and mitigations for each of the affected products.\u003c/p\u003e\u003cp\u003eAVEVA System Platform 2020 through 2020 R2 SP1 cannot be newly installed on top of other AVEVA products which have been previously patched with the Operations Control Logger v22.1. For additional details please refer to \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://softwaresupportsp.aveva.com/#/knowledgebase/details/000038736?lang=en_us\"\u003eAlert 000038736.\u003c/a\u003e\u003c/p\u003e\n\n\u003cbr\u003e"
}
],
"value": "\nAVEVA recommends that organizations evaluate the impact of these vulnerabilities based on their operational environment, architecture, and product implementation. Users of affected products should apply security updates as soon as possible.\n\nIn addition to applying security updates, users should follow these general precautions:\n\n * Ensure that Guest or Anonymous local OS accounts are disabled.\n * Ensure that only trusted users are able to login on the nodes where the Operations Control Logger is running.\n\n\nPlease see AVEVA Security Bulletin number AVEVA-2023-003 https://www.aveva.com/en/support-and-success/cyber-security-updates/ \u00a0for more information and for links for individual security updates and mitigations for each of the affected products.\n\nAVEVA System Platform 2020 through 2020 R2 SP1 cannot be newly installed on top of other AVEVA products which have been previously patched with the Operations Control Logger v22.1. For additional details please refer to Alert 000038736. https://softwaresupportsp.aveva.com/#/knowledgebase/details/000038736 \n\n\n\n\n"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "AVEVA Operations Control Logger Execution with Unnecessary Privileges ",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2023-33873",
"datePublished": "2023-11-15T16:22:31.927Z",
"dateReserved": "2023-06-13T14:56:36.315Z",
"dateUpdated": "2024-11-21T20:10:00.423Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-7113 (GCVE-0-2024-7113)
Vulnerability from cvelistv5
Published
2024-08-13 16:26
Modified
2024-08-15 18:49
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-770 - Allocation of Resources Without Limits or Throttling
Summary
If exploited, this vulnerability could cause a SuiteLink server to consume excessive system resources and slow down processing of Data I/O for the duration of the attack.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | AVEVA | SuiteLink Server |
Version: 0 < |
||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-7113",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-15T18:48:38.378253Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-15T18:49:01.175Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SuiteLink Server",
"vendor": "AVEVA",
"versions": [
{
"lessThanOrEqual": "3.7.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Historian",
"vendor": "AVEVA",
"versions": [
{
"lessThanOrEqual": "2023 R2 P01",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "InTouch",
"vendor": "AVEVA",
"versions": [
{
"lessThanOrEqual": "2023 R2 P01",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Application Server",
"vendor": "AVEVA",
"versions": [
{
"lessThanOrEqual": "2023 R2 P01",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Communication Drivers Pack",
"vendor": "AVEVA",
"versions": [
{
"lessThanOrEqual": "2023 R2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Batch Management",
"vendor": "AVEVA",
"versions": [
{
"lessThanOrEqual": "2023",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "DOE CESER\u0027s CyTRICS program at Idaho National Laboratory reported this vulnerability to AVEVA."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eIf exploited, this vulnerability could cause a SuiteLink server to consume excessive system resources and slow down processing of Data I/O for the duration of the attack.\u003c/p\u003e\u003cbr\u003e"
}
],
"value": "If exploited, this vulnerability could cause a SuiteLink server to consume excessive system resources and slow down processing of Data I/O for the duration of the attack."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-770",
"description": "CWE-770 Allocation of Resources Without Limits or Throttling",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-13T16:26:32.285Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-226-01"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eAVEVA recommends that organizations evaluate the impact of these vulnerabilities based on their operational environment, architecture, and product implementation. Users with the affected product versions should apply security updates as soon as possible.\u003c/p\u003e\u003cp\u003eAll impacted products and affected versions can be fixed by installing \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://softwaresupportsp.aveva.com/#/producthub/details?id=afeb5492-f764-4af3-b408-acc4c991f699\"\u003eSuiteLink v3.7.100\u003c/a\u003e.\u003c/p\u003e\u003cp\u003eAVEVA recommends the following general defensive measures:\u003c/p\u003e\u003cul\u003e\u003cli\u003eApply Host and/or Network firewall rules restricting the SuiteLink server to accept traffic only from trusted source(s). By default, SuiteLink listens on port 5413.\u003c/li\u003e\u003c/ul\u003e\u003cp\u003eFor more information, see AVEVA\u0027s Security Bulletin \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.aveva.com/content/dam/aveva/documents/support/cyber-security-updates/SecurityBulletin_AVEVA-2024-007.pdf\"\u003eAVEVA-2024-007\u003c/a\u003e.\u003c/p\u003e\n\n\u003cbr\u003e"
}
],
"value": "AVEVA recommends that organizations evaluate the impact of these vulnerabilities based on their operational environment, architecture, and product implementation. Users with the affected product versions should apply security updates as soon as possible.\n\nAll impacted products and affected versions can be fixed by installing SuiteLink v3.7.100 https://softwaresupportsp.aveva.com/#/producthub/details .\n\nAVEVA recommends the following general defensive measures:\n\n * Apply Host and/or Network firewall rules restricting the SuiteLink server to accept traffic only from trusted source(s). By default, SuiteLink listens on port 5413.\n\n\nFor more information, see AVEVA\u0027s Security Bulletin AVEVA-2024-007 https://www.aveva.com/content/dam/aveva/documents/support/cyber-security-updates/SecurityBulletin_AVEVA-2024-007.pdf ."
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Allocation of Resources Without Limits or Throttling in AVEVA SuiteLink Server",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2024-7113",
"datePublished": "2024-08-13T16:26:32.285Z",
"dateReserved": "2024-07-25T17:56:01.265Z",
"dateUpdated": "2024-08-15T18:49:01.175Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-32942 (GCVE-0-2021-32942)
Vulnerability from cvelistv5
Published
2021-06-09 16:06
Modified
2024-09-17 03:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-316 - CLEARTEXT STORAGE OF SENSITIVE INFORMATION IN MEMORY
Summary
The vulnerability could expose cleartext credentials from AVEVA InTouch Runtime 2020 R2 and all prior versions (WindowViewer) if an authorized, privileged user creates a diagnostic memory dump of the process and saves it to a non-protected location.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T23:33:55.966Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-159-03"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.aveva.com/en/support/cyber-security-updates/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "InTouch",
"vendor": "AVEVA",
"versions": [
{
"lessThanOrEqual": "2020 R2",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Ilya Karpov, Evgeniy Druzhinin, and Konstantin Kondratev of Rostelecom-Solar reported this vulnerability to AVEVA."
}
],
"datePublic": "2021-06-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The vulnerability could expose cleartext credentials from AVEVA InTouch Runtime 2020 R2 and all prior versions (WindowViewer) if an authorized, privileged user creates a diagnostic memory dump of the process and saves it to a non-protected location."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-316",
"description": "CLEARTEXT STORAGE OF SENSITIVE INFORMATION IN MEMORY CWE-316",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-09T16:06:26",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-159-03"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.aveva.com/en/support/cyber-security-updates/"
}
],
"solutions": [
{
"lang": "en",
"value": "AVEVA recommends organizations evaluate the impact of this vulnerability based on their operational environment, architecture, and product implementation.\n\nUsers of InTouch 2020 R2 and all prior versions are affected and should first upgrade to one of the versions listed below, then apply the corresponding security update:\n\n InTouch 2020 R2: Update to InTouch 2020 R2 P01\n\nInTouch 2020: Update to Security Update 1216934InTouch 2017 U3 SP1 P01: Update to Security Update 1216933"
}
],
"source": {
"advisory": "ICSA-21-159-03 - AVEVA InTouch",
"defect": [
"CLEARTEXT",
"STORAGE",
"OF",
"SENSITIVE",
"INFORMATION",
"IN",
"MEMORY",
"CWE-316"
],
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"DATE_PUBLIC": "2021-06-08T00:00:00.000Z",
"ID": "CVE-2021-32942",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "InTouch",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "2020 R2"
}
]
}
}
]
},
"vendor_name": "AVEVA"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Ilya Karpov, Evgeniy Druzhinin, and Konstantin Kondratev of Rostelecom-Solar reported this vulnerability to AVEVA."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The vulnerability could expose cleartext credentials from AVEVA InTouch Runtime 2020 R2 and all prior versions (WindowViewer) if an authorized, privileged user creates a diagnostic memory dump of the process and saves it to a non-protected location."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CLEARTEXT STORAGE OF SENSITIVE INFORMATION IN MEMORY CWE-316"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-159-03",
"refsource": "MISC",
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-159-03"
},
{
"name": "https://www.aveva.com/en/support/cyber-security-updates/",
"refsource": "MISC",
"url": "https://www.aveva.com/en/support/cyber-security-updates/"
}
]
},
"solution": [
{
"lang": "en",
"value": "AVEVA recommends organizations evaluate the impact of this vulnerability based on their operational environment, architecture, and product implementation.\n\nUsers of InTouch 2020 R2 and all prior versions are affected and should first upgrade to one of the versions listed below, then apply the corresponding security update:\n\n InTouch 2020 R2: Update to InTouch 2020 R2 P01\n\nInTouch 2020: Update to Security Update 1216934InTouch 2017 U3 SP1 P01: Update to Security Update 1216933"
}
],
"source": {
"advisory": "ICSA-21-159-03 - AVEVA InTouch",
"defect": [
"CLEARTEXT",
"STORAGE",
"OF",
"SENSITIVE",
"INFORMATION",
"IN",
"MEMORY",
"CWE-316"
],
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2021-32942",
"datePublished": "2021-06-09T16:06:26.984385Z",
"dateReserved": "2021-05-13T00:00:00",
"dateUpdated": "2024-09-17T03:17:35.496Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-34982 (GCVE-0-2023-34982)
Vulnerability from cvelistv5
Published
2023-11-15 16:28
Modified
2024-08-02 16:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-73 - External Control of File Name or Path
Summary
This external control vulnerability, if exploited, could allow a local OS-authenticated user with standard privileges to delete files with System privilege on the machine where these products are installed, resulting in denial of service.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | AVEVA | SystemPlatform |
Version: 0 < |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T16:17:04.179Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-318-01"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.aveva.com/en/support-and-success/cyber-security-updates/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SystemPlatform",
"vendor": "AVEVA ",
"versions": [
{
"lessThanOrEqual": "2020 R2 SP1 P01",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Historian",
"vendor": "AVEVA ",
"versions": [
{
"lessThanOrEqual": "2020 R2 SP1 P01",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Application Server",
"vendor": "AVEVA ",
"versions": [
{
"lessThanOrEqual": "2020 R2 SP1 P01",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "InTouch",
"vendor": "AVEVA ",
"versions": [
{
"lessThanOrEqual": "2020 R2 SP1 P01",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Enterprise Licensing (formerly known as License Manager)",
"vendor": "AVEVA ",
"versions": [
{
"lessThanOrEqual": "3.7.002",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Manufacturing Execution System (formerly known as Wonderware MES)",
"vendor": "AVEVA ",
"versions": [
{
"lessThanOrEqual": "2020 P01",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Recipe Management",
"vendor": "AVEVA ",
"versions": [
{
"lessThanOrEqual": "2020 R2 Update 1 Patch 2 ",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Batch Management",
"vendor": "AVEVA ",
"versions": [
{
"lessThanOrEqual": "2020 SP1 ",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Edge (formerly known as Indusoft Web Studio)",
"vendor": "AVEVA ",
"versions": [
{
"lessThanOrEqual": "2020 R2 SP1 P01",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Worktasks (formerly known as Workflow Management)",
"vendor": "AVEVA ",
"versions": [
{
"lessThanOrEqual": "2020 U2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Plant SCADA (formerly known as Citect)",
"vendor": "AVEVA ",
"versions": [
{
"lessThanOrEqual": "2020 R2 Update 15",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Mobile Operator (formerly known as IntelaTrac Mobile Operator Rounds)",
"vendor": "AVEVA ",
"versions": [
{
"lessThanOrEqual": "2020 R1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Communication Drivers Pack",
"vendor": "AVEVA ",
"versions": [
{
"lessThanOrEqual": "2020 R2 SP1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Telemetry Server",
"vendor": "AVEVA ",
"versions": [
{
"lessThanOrEqual": "2020 R2 SP1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Lukasz Piotrowski from Equinor reported these vulnerabilities to AVEVA."
}
],
"datePublic": "2023-11-14T16:10:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eThis external control vulnerability, if exploited, could allow a local OS-authenticated user with standard privileges to delete files with System privilege on the machine where these products are installed, resulting in denial of service.\u003c/span\u003e\n\n"
}
],
"value": "\nThis external control vulnerability, if exploited, could allow a local OS-authenticated user with standard privileges to delete files with System privilege on the machine where these products are installed, resulting in denial of service.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-73",
"description": "CWE-73 External Control of File Name or Path ",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-11-15T16:28:35.183Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-318-01"
},
{
"url": "https://www.aveva.com/en/support-and-success/cyber-security-updates/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cp\u003eAVEVA recommends that organizations evaluate the impact of these vulnerabilities based on their operational environment, architecture, and product implementation. Users of affected products should apply security updates as soon as possible.\u003c/p\u003e\u003cp\u003eIn addition to applying security updates, users should follow these general precautions:\u003c/p\u003e\u003cul\u003e\u003cli\u003eEnsure that Guest or Anonymous local OS accounts are disabled.\u003c/li\u003e\u003cli\u003eEnsure that only trusted users are able to login on the nodes where the Operations Control Logger is running.\u003c/li\u003e\u003c/ul\u003e\u003cp\u003ePlease see \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.aveva.com/en/support-and-success/cyber-security-updates/\"\u003eAVEVA Security Bulletin number AVEVA-2023-003\u003c/a\u003e\u0026nbsp;for more information and for links for individual security updates and mitigations for each of the affected products.\u003c/p\u003e\u003cp\u003eAVEVA System Platform 2020 through 2020 R2 SP1 cannot be newly installed on top of other AVEVA products which have been previously patched with the Operations Control Logger v22.1. For additional details please refer to \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://softwaresupportsp.aveva.com/#/knowledgebase/details/000038736?lang=en_us\"\u003eAlert 000038736.\u003c/a\u003e\u003c/p\u003e\n\n\u003cbr\u003e"
}
],
"value": "\nAVEVA recommends that organizations evaluate the impact of these vulnerabilities based on their operational environment, architecture, and product implementation. Users of affected products should apply security updates as soon as possible.\n\nIn addition to applying security updates, users should follow these general precautions:\n\n * Ensure that Guest or Anonymous local OS accounts are disabled.\n * Ensure that only trusted users are able to login on the nodes where the Operations Control Logger is running.\n\n\nPlease see AVEVA Security Bulletin number AVEVA-2023-003 https://www.aveva.com/en/support-and-success/cyber-security-updates/ \u00a0for more information and for links for individual security updates and mitigations for each of the affected products.\n\nAVEVA System Platform 2020 through 2020 R2 SP1 cannot be newly installed on top of other AVEVA products which have been previously patched with the Operations Control Logger v22.1. For additional details please refer to Alert 000038736. https://softwaresupportsp.aveva.com/#/knowledgebase/details/000038736 \n\n\n\n\n"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "AVEVA Operations Control Logger External Control of File Name or Path ",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2023-34982",
"datePublished": "2023-11-15T16:28:35.183Z",
"dateReserved": "2023-06-13T14:56:36.310Z",
"dateUpdated": "2024-08-02T16:17:04.179Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2023-11-15 17:15
Modified
2024-11-21 08:06
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
This privilege escalation vulnerability, if exploited, cloud allow a local OS-authenticated user with standard privileges to escalate to System privilege on the machine where these products are installed, resulting in complete compromise of the target machine.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| ics-cert@hq.dhs.gov | https://www.aveva.com/en/support-and-success/cyber-security-updates/ | Vendor Advisory | |
| ics-cert@hq.dhs.gov | https://www.cisa.gov/news-events/ics-advisories/icsa-23-318-01 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.aveva.com/en/support-and-success/cyber-security-updates/ | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.cisa.gov/news-events/ics-advisories/icsa-23-318-01 | Third Party Advisory, US Government Resource |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:aveva:batch_management:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5C2AEDAE-18DB-40C0-AFB0-57136A822BBE",
"versionEndExcluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:batch_management:2020:-:*:*:*:*:*:*",
"matchCriteriaId": "F546770E-B402-4577-8E0D-C7D34CFDE549",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:batch_management:2020:sp1:*:*:*:*:*:*",
"matchCriteriaId": "6A67B8AC-2282-4F39-9795-D61F48304049",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:communication_drivers:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D62B3995-706D-4285-A3C7-900ED2D176B1",
"versionEndExcluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:communication_drivers:2020:-:*:*:*:*:*:*",
"matchCriteriaId": "D97EE6DC-CCB3-40FF-BC75-A694DCBCE50D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:communication_drivers:2020:r2:*:*:*:*:*:*",
"matchCriteriaId": "B74F0988-CB5D-4FC4-8CBD-6B43F6CB4C22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:communication_drivers:2020:r2_p01:*:*:*:*:*:*",
"matchCriteriaId": "B38368FD-D573-4C6A-BBB7-B0CC477C44AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:edge:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6CE5AEFF-0C5F-499C-B4AF-3594CC591061",
"versionEndIncluding": "20.1.101",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:enterprise_licensing:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9D63D153-5F92-4732-8CE7-BF821FDC1FFC",
"versionEndIncluding": "3.7.002",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:historian:*:*:*:*:*:*:*:*",
"matchCriteriaId": "310008CD-1FB4-47C3-9B20-1DF0BC537019",
"versionEndExcluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:historian:2020:-:*:*:*:*:*:*",
"matchCriteriaId": "33FE93BF-8221-4A84-845B-13693E28F570",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:historian:2020:r2:*:*:*:*:*:*",
"matchCriteriaId": "D479F013-5ABC-4B59-845A-E06EF0ADF107",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:historian:2020:r2_p01:*:*:*:*:*:*",
"matchCriteriaId": "5B67B330-EB63-4026-A961-EA2EE76A8355",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:intouch:*:*:*:*:*:*:*:*",
"matchCriteriaId": "06F39A93-CE38-4696-A301-3B08BB02AA0F",
"versionEndExcluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:intouch:2020:-:*:*:*:*:*:*",
"matchCriteriaId": "87B6DFEA-FED8-4A02-B09A-2676D5C8A5DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:intouch:2020:r2:*:*:*:*:*:*",
"matchCriteriaId": "A3FDBC50-37E5-4F02-BDAC-22490D139C71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:intouch:2020:r2_p01:*:*:*:*:*:*",
"matchCriteriaId": "A7D7123E-2439-4325-9733-F10DFF180C35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:manufacturing_execution_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E5519C16-D78F-4B03-BF68-25977782C15C",
"versionEndExcluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:manufacturing_execution_system:2020:*:*:*:*:*:*:*",
"matchCriteriaId": "1288B3F5-2A5F-4516-96F8-FDB33A71060A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:manufacturing_execution_system:2020:p01:*:*:*:*:*:*",
"matchCriteriaId": "353CAFF0-2928-46F1-B5B5-9F0122BCDF38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:mobile_operator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2244B652-6874-4BD3-9F6A-C01274CE7F25",
"versionEndExcluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:mobile_operator:2020:*:*:*:*:*:*:*",
"matchCriteriaId": "40D03AD9-31E2-422F-9137-4E881A942C74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:mobile_operator:2020:-:*:*:*:*:*:*",
"matchCriteriaId": "B9AA5D22-126E-4E0B-AD44-8990B9218AA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:mobile_operator:2020:r1:*:*:*:*:*:*",
"matchCriteriaId": "062CEF6D-5308-4CC7-A20A-84298C527C14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:plant_scada:*:*:*:*:*:*:*:*",
"matchCriteriaId": "63BCBC30-F337-47AB-96F1-54E46F735B1E",
"versionEndExcluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:plant_scada:2020:-:*:*:*:*:*:*",
"matchCriteriaId": "7B493552-4A0D-49DC-8669-C7E714669D98",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:plant_scada:2020:r2:*:*:*:*:*:*",
"matchCriteriaId": "2B714DE8-6E27-48ED-8CB5-6FD3DECB8718",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:recipe_management:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4FF7755E-D26A-4D55-88BB-2811A18C2589",
"versionEndExcluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:recipe_management:2020:-:*:*:*:*:*:*",
"matchCriteriaId": "5B0AB6DC-D05F-429F-9FEF-500BE9780456",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:recipe_management:2020:update_1_patch_2:*:*:*:*:*:*",
"matchCriteriaId": "8E69E722-AA58-49BD-9D22-5A6DC40FE85F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:system_platform:*:*:*:*:*:*:*:*",
"matchCriteriaId": "18048EB2-8F4C-4C75-93BD-0C3D6C42AB4A",
"versionEndExcluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:system_platform:2020:-:*:*:*:*:*:*",
"matchCriteriaId": "D47F4B07-B67F-4855-AED2-D17B0E76FA8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:system_platform:2020:r2:*:*:*:*:*:*",
"matchCriteriaId": "1ED7E9C7-B882-4F57-B796-59A4F90EE185",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:system_platform:2020:r2_p01:*:*:*:*:*:*",
"matchCriteriaId": "33D5FF9C-590D-4BA3-A265-35956E4F36DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:telemetry_server:2020r2:-:*:*:*:*:*:*",
"matchCriteriaId": "12AD341A-07AE-4837-A1DC-471FFF0926DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:telemetry_server:2020r2:sp1:*:*:*:*:*:*",
"matchCriteriaId": "62A91A30-CB69-4E14-9C32-BF848E740944",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:work_tasks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "061DD968-A34E-4AA2-B0EC-ECBAF4B15605",
"versionEndExcluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:work_tasks:2020:-:*:*:*:*:*:*",
"matchCriteriaId": "78E65146-9CB1-423B-A565-48530C453382",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:work_tasks:2020:update_1:*:*:*:*:*:*",
"matchCriteriaId": "64EF2703-3C49-468A-ADA9-E78173DF4F65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:work_tasks:2020:update_2:*:*:*:*:*:*",
"matchCriteriaId": "4131B6FF-AF15-4F52-9415-A9E150B169DD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "\nThis privilege escalation vulnerability, if exploited, cloud allow a local OS-authenticated user with standard privileges to escalate to System privilege on the machine where these products are installed, resulting in complete compromise of the target machine.\n\n"
},
{
"lang": "es",
"value": "Esta vulnerabilidad de escalada de privilegios, si se explota, en la nube permite que un usuario local autenticado en el sistema operativo con privilegios est\u00e1ndar escale a privilegios del sistema en la m\u00e1quina donde est\u00e1n instalados estos productos, lo que resulta en un compromiso total de la m\u00e1quina de destino."
}
],
"id": "CVE-2023-33873",
"lastModified": "2024-11-21T08:06:06.847",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-11-15T17:15:41.313",
"references": [
{
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Vendor Advisory"
],
"url": "https://www.aveva.com/en/support-and-success/cyber-security-updates/"
},
{
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-318-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.aveva.com/en/support-and-success/cyber-security-updates/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-318-01"
}
],
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-250"
}
],
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-11-15 17:15
Modified
2024-11-21 08:07
Severity ?
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
7.1 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
7.1 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
Summary
This external control vulnerability, if exploited, could allow a local OS-authenticated user with standard privileges to delete files with System privilege on the machine where these products are installed, resulting in denial of service.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| ics-cert@hq.dhs.gov | https://www.aveva.com/en/support-and-success/cyber-security-updates/ | Vendor Advisory | |
| ics-cert@hq.dhs.gov | https://www.cisa.gov/news-events/ics-advisories/icsa-23-318-01 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.aveva.com/en/support-and-success/cyber-security-updates/ | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.cisa.gov/news-events/ics-advisories/icsa-23-318-01 | Third Party Advisory, US Government Resource |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:aveva:batch_management:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5C2AEDAE-18DB-40C0-AFB0-57136A822BBE",
"versionEndExcluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:batch_management:2020:-:*:*:*:*:*:*",
"matchCriteriaId": "F546770E-B402-4577-8E0D-C7D34CFDE549",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:batch_management:2020:sp1:*:*:*:*:*:*",
"matchCriteriaId": "6A67B8AC-2282-4F39-9795-D61F48304049",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:communication_drivers:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D62B3995-706D-4285-A3C7-900ED2D176B1",
"versionEndExcluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:communication_drivers:2020:-:*:*:*:*:*:*",
"matchCriteriaId": "D97EE6DC-CCB3-40FF-BC75-A694DCBCE50D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:communication_drivers:2020:r2:*:*:*:*:*:*",
"matchCriteriaId": "B74F0988-CB5D-4FC4-8CBD-6B43F6CB4C22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:communication_drivers:2020:r2_p01:*:*:*:*:*:*",
"matchCriteriaId": "B38368FD-D573-4C6A-BBB7-B0CC477C44AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:edge:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6CE5AEFF-0C5F-499C-B4AF-3594CC591061",
"versionEndIncluding": "20.1.101",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:enterprise_licensing:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9D63D153-5F92-4732-8CE7-BF821FDC1FFC",
"versionEndIncluding": "3.7.002",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:historian:*:*:*:*:*:*:*:*",
"matchCriteriaId": "310008CD-1FB4-47C3-9B20-1DF0BC537019",
"versionEndExcluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:historian:2020:-:*:*:*:*:*:*",
"matchCriteriaId": "33FE93BF-8221-4A84-845B-13693E28F570",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:historian:2020:r2:*:*:*:*:*:*",
"matchCriteriaId": "D479F013-5ABC-4B59-845A-E06EF0ADF107",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:historian:2020:r2_p01:*:*:*:*:*:*",
"matchCriteriaId": "5B67B330-EB63-4026-A961-EA2EE76A8355",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:intouch:*:*:*:*:*:*:*:*",
"matchCriteriaId": "06F39A93-CE38-4696-A301-3B08BB02AA0F",
"versionEndExcluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:intouch:2020:-:*:*:*:*:*:*",
"matchCriteriaId": "87B6DFEA-FED8-4A02-B09A-2676D5C8A5DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:intouch:2020:r2:*:*:*:*:*:*",
"matchCriteriaId": "A3FDBC50-37E5-4F02-BDAC-22490D139C71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:intouch:2020:r2_p01:*:*:*:*:*:*",
"matchCriteriaId": "A7D7123E-2439-4325-9733-F10DFF180C35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:manufacturing_execution_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E5519C16-D78F-4B03-BF68-25977782C15C",
"versionEndExcluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:manufacturing_execution_system:2020:*:*:*:*:*:*:*",
"matchCriteriaId": "1288B3F5-2A5F-4516-96F8-FDB33A71060A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:manufacturing_execution_system:2020:p01:*:*:*:*:*:*",
"matchCriteriaId": "353CAFF0-2928-46F1-B5B5-9F0122BCDF38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:mobile_operator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2244B652-6874-4BD3-9F6A-C01274CE7F25",
"versionEndExcluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:mobile_operator:2020:*:*:*:*:*:*:*",
"matchCriteriaId": "40D03AD9-31E2-422F-9137-4E881A942C74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:mobile_operator:2020:-:*:*:*:*:*:*",
"matchCriteriaId": "B9AA5D22-126E-4E0B-AD44-8990B9218AA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:mobile_operator:2020:r1:*:*:*:*:*:*",
"matchCriteriaId": "062CEF6D-5308-4CC7-A20A-84298C527C14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:plant_scada:*:*:*:*:*:*:*:*",
"matchCriteriaId": "63BCBC30-F337-47AB-96F1-54E46F735B1E",
"versionEndExcluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:plant_scada:2020:-:*:*:*:*:*:*",
"matchCriteriaId": "7B493552-4A0D-49DC-8669-C7E714669D98",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:plant_scada:2020:r2:*:*:*:*:*:*",
"matchCriteriaId": "2B714DE8-6E27-48ED-8CB5-6FD3DECB8718",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:recipe_management:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4FF7755E-D26A-4D55-88BB-2811A18C2589",
"versionEndExcluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:recipe_management:2020:-:*:*:*:*:*:*",
"matchCriteriaId": "5B0AB6DC-D05F-429F-9FEF-500BE9780456",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:recipe_management:2020:update_1_patch_2:*:*:*:*:*:*",
"matchCriteriaId": "8E69E722-AA58-49BD-9D22-5A6DC40FE85F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:system_platform:*:*:*:*:*:*:*:*",
"matchCriteriaId": "18048EB2-8F4C-4C75-93BD-0C3D6C42AB4A",
"versionEndExcluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:system_platform:2020:-:*:*:*:*:*:*",
"matchCriteriaId": "D47F4B07-B67F-4855-AED2-D17B0E76FA8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:system_platform:2020:r2:*:*:*:*:*:*",
"matchCriteriaId": "1ED7E9C7-B882-4F57-B796-59A4F90EE185",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:system_platform:2020:r2_p01:*:*:*:*:*:*",
"matchCriteriaId": "33D5FF9C-590D-4BA3-A265-35956E4F36DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:telemetry_server:2020r2:-:*:*:*:*:*:*",
"matchCriteriaId": "12AD341A-07AE-4837-A1DC-471FFF0926DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:telemetry_server:2020r2:sp1:*:*:*:*:*:*",
"matchCriteriaId": "62A91A30-CB69-4E14-9C32-BF848E740944",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:work_tasks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "061DD968-A34E-4AA2-B0EC-ECBAF4B15605",
"versionEndExcluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:work_tasks:2020:-:*:*:*:*:*:*",
"matchCriteriaId": "78E65146-9CB1-423B-A565-48530C453382",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:work_tasks:2020:update_1:*:*:*:*:*:*",
"matchCriteriaId": "64EF2703-3C49-468A-ADA9-E78173DF4F65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aveva:work_tasks:2020:update_2:*:*:*:*:*:*",
"matchCriteriaId": "4131B6FF-AF15-4F52-9415-A9E150B169DD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "\nThis external control vulnerability, if exploited, could allow a local OS-authenticated user with standard privileges to delete files with System privilege on the machine where these products are installed, resulting in denial of service.\n\n"
},
{
"lang": "es",
"value": "Esta vulnerabilidad de control externo, si se explota, podr\u00eda permitir que un usuario local autenticado en el sistema operativo con privilegios est\u00e1ndar elimine archivos con privilegios de sistema en la m\u00e1quina donde est\u00e1n instalados estos productos, lo que resultar\u00eda en una denegaci\u00f3n de servicio."
}
],
"id": "CVE-2023-34982",
"lastModified": "2024-11-21T08:07:46.227",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-11-15T17:15:41.563",
"references": [
{
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Vendor Advisory"
],
"url": "https://www.aveva.com/en/support-and-success/cyber-security-updates/"
},
{
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-318-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.aveva.com/en/support-and-success/cyber-security-updates/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-318-01"
}
],
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-73"
}
],
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-610"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}