← Back to home
ICSA-19-078-01  ·  Published 2019-03-19  ·  View on CISA ICS-CERT ↗

AVEVA InduSoft Web Studio and InTouch Edge HMI

CVSS 6.5 MEDIUM

Risk Summary

Successful exploitation of this vulnerability could allow execution of unauthorized code or commands.

CVEs (1)

Remediations

  • InduSoft Web Studio: v8.1 SP3
  • InTouch Edge HMI: 2017 Update 3
  • Users who are unable to upgrade to the latest version of InduSoft Web Studio or InTouch Edge HMI, can alternatively apply Security Update LFSec131:
  • For addition information please see AVEVA Security Bulletin LFSEC00000131:

Affected Vendors

AVEVA Software, LLC

Affected Products (2)

AVEVA Software, LLC · InduSoft Web Studio < 8.1 SP3
AVEVA Software, LLC · InTouch Edge HMI < 2017 Update 3

Affected Sectors

Commercial Facilities, Critical Manufacturing, Energy, Transportation Systems, and Water and Wastewater Systems

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more