Risk Summary
Successful exploitation of this vulnerability could expose cleartext credentials from InTouch Runtime.
CVEs (1)
Remediations
- AVEVA recommends organizations evaluate the impact of this vulnerability based on their operational environment, architecture, and product implementation.
- Users of InTouch 2020 R2 and all prior versions are affected and should first upgrade to one of the versions listed below, then apply the corresponding security update:
- InTouch 2020 R2: Update to InTouch 2020 R2 P01
- InTouch 2020: Update to Security Update 1216934
- InTouch 2017 U3 SP1 P01: Update to Security Update 1216933
- Please see security bulletin AVEVA-2021-001 for more information.
Affected Vendors
AVEVA Software, LLC
Affected Products (1)
AVEVA Software, LLC
·
InTouch
<= 2020 R2
Affected Sectors
Chemical, Critical Manufacturing, Energy, Food and Agriculture, and Water and Wastewater
Get alerted to advisories like this
OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.
Start free trial Learn more