← Back to home
ICSA-18-212-04  ·  Published 2018-07-31  ·  View on CISA ICS-CERT ↗

AVEVA InTouch Access Anywhere

CVSS 6.1 MEDIUM

Risk Summary

Successful exploitation of this vulnerability may allow attackers to obtain sensitive information and/or execute Javascript or HTML code.

CVEs (1)

Remediations

  • AVEVA recommends users install update “InTouch Access Anywhere 2017 Update 2b�or later
  • AVEVA has published Security Bulletin LFSEC00000126.

Affected Vendors

AVEVA Software, LLC

Affected Products (2)

AVEVA Software, LLC · Vulnerable versions of jQuery are those < 3.0.0
AVEVA Software, LLC · InTouch Access Anywhere <=2017 Update 2

Affected Sectors

Chemical, Critical Manufacturing, Energy, Food and Agriculture, and Water and Wastewater

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more