CVE-2019-6545

CVE-2019-6545

Vendor Ics-Cert
Product AVEVA Software, LLC InduSoft Web Studio prior to Version 8.1 SP3 and InTouch Edge HMI (formerly InTouch Machine Edition) prior to Version 2017 Update
Weakness CWE-99
Published February 13, 2019
Last update September 16, 2024

CVSS base score

What the vulnerability does

01Description

AVEVA Software, LLC InduSoft Web Studio prior to Version 8.1 SP3 and InTouch Edge HMI (formerly InTouch Machine Edition) prior to Version 2017 Update. An unauthenticated remote user could use a specially crafted database connection configuration file to execute an arbitrary process on the server machine.

Key dates

02Disclosure timeline

February 13, 2019 CVE published
September 16, 2024 Record updated