ICSA-12-177-02
·
Published 2025-06-06
·
View on CISA ICS-CERT ↗
Invensys Wonderware InTouch 10 DLL Hijack
CVSS 6.9
MEDIUM
CVEs (1)
Remediations
- Invensys has provided instructions and a link to the software download that can be found here: (https://wdn.wonderware.com/sites/WDN/Pages/Downloads/Software.aspx).
- Any machine running one or more of the products listed above is affected and should be patched. No other components of the Wonderware installed products are affected. Install the Security Update using instructions provided in the ReadMe file for the product and component being installed. In general, the user should: Read the installation instructions provided with the patch, Shut down any of the affected software products, Install the update, and Restart the software.
Affected Vendors
Invensys
Affected Products (7)
Invensys
·
InTouch
<2012
Invensys
·
Wonderware Application Server
<2012
Invensys
·
Wonderware Information Server
<4.5
Invensys
·
Foxboro Control Software
<4.0
Invensys
·
InFusion CE/FE/SCADA
<2.5
Invensys
·
InBatch
<9.5_SP1
Invensys
·
Wonderware Historian
<10.0_SP1
Get alerted to advisories like this
OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.
Start free trial Learn more