CVE-2018-10620

CVE-2018-10620

Vendor Aveva Software, Llc
Product InduSoft Web Studio
Weakness CWE-121
Published July 19, 2018
Last update September 16, 2024

CVSS base score

What the vulnerability does

01Description

AVEVA InduSoft Web Studio v8.1 and v8.1SP1, and InTouch Machine Edition v2017 8.1 and v2017 8.1 SP1 a remote user could send a carefully crafted packet to exploit a stack-based buffer overflow vulnerability during tag, alarm, or event related actions such as read and write, with potential for code to be executed.

Key dates

02Disclosure timeline

July 19, 2018 CVE published
September 16, 2024 Record updated