Invensys Wonderware InTouch Improper Input Validation Vulnerability

CVEs (1)

Remediations

• Invensys has developed an update to the InTouch HMI that mitigates this vulnerability. The Positive Technologies Research Team has tested the update and validated that it fixes the vulnerability. Instructions and a link to the update are found on the Invensys download page at the following link: (https://wdn.wonderware.com/sites/WDN/Pages/Downloads/Software.aspx)
• According to Invensys, any machine running InTouch 2012 R2 or earlier versions is affected. Users should install the update using instructions provided in the ReadMe file for the product and component being installed. Invensys recommends that users: Read the installation instructions provided with the patch. Shut down any of the affected software products. Install the update. Restart the software.:

Affected Vendors

Affected Products (1)