Certec EDV GmbH atvise scada (Update A)

Risk Summary

ATTENTION: Remotely exploitable/low skill level to exploit.

CVEs (2)

Remediations

• Certec EDV GmbH advises affected users to activate the built-in security mechanism (login, https, protected calls, etc.) of the product as described in the documentation. Users can also upgrade to the newest version of the software available on the Certec EDV GmbH web site (a user login will be needed to obtain the latest version):
• In order to fully mitigate the vulnerabilities Certec EDV GmbH recommends that users follow the guidelines in the atvise scada documentation for enabling security measures that can be found in the following sections:HTTP/HTTPS support,Protected calls,Login and user management, and User and rights.

Affected Vendors

Affected Products (1)