Invensys Wonderware Win-XML Exporter Improper Input Validation Vulnerability

CVSS 9.3 CRITICAL

CVEs (1)

CVE-2012-4710

Invensys has developed an update to the Win-XML Exporter that mitigates this vulnerability. The Positive Technologies Research Team has tested the update and validated that it fixes the vulnerability. Instructions and a link to the update are found on the Invensys download page.
According to Invensys, any machine running one or more of the products listed above is affected and should be patched. No other components of the Wonderware installed products are affected. Users should install the update using instructions provided in the ReadMe file for the product and component being installed. Invensys recommends that users: Read the installation instructions provided with the patch. Shut down any of the affected software products. Install the update. Restart the software.

Invensys

Invensys · Win-XML Exporter <=1522.148.0.0

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.