ICSA-18-212-05
·
Published 2018-07-31
·
View on CISA ICS-CERT ↗
AVEVA Wonderware License Server
CVSS 9.8
CRITICAL
Risk Summary
Successful exploitation of this vulnerability may result in remote code execution with administrative privileges.
CVEs (1)
Remediations
- AVEVA recommends affected users install update “Hotfix Wonderware License Server VU-485744” or later
- AVEVA has published Security Bulletin LFSEC00000129.
Affected Vendors
AVEVA Software, LLC
Affected Products (3)
AVEVA Software, LLC
·
Historian Client
<=2014 R4 SP2 P02
AVEVA Software, LLC
·
Wonderware License Server
<= 4.0.13100
AVEVA Software, LLC
·
Wonderware Information Server
<=4.0 SP1
Affected Sectors
Chemical, Critical Manufacturing, Energy, Food and Agriculture, and Water and Wastewater
Get alerted to advisories like this
OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.
Start free trial Learn more