Risk Summary
The DLL hijacking vulnerability in the Platform Common Services (PCS) Portal, if exploited, could allow malicious code execution within the context of the PCS Portal application.
CVEs (1)
Remediations
- AVEVA recommends organizations evaluate the impact of this vulnerability based on their operational environment, architecture, and product implementation. Users of affected versions of the products should apply the corresponding security update as soon as possible.
- Security update PCS 4.5.3 is available for the following versions: AVEVA Mobile Operator 2020
- Security update PCS 4.5.3 is available for the following versions: AVEVA Enterprise Data Management 2021
- Security update PCS 4.5.3 is available for the following versions: AVEVA System Platform 2020 R2 P01
- Security update PCS 4.5.3 is available for the following versions: AVEVA System Platform 2020 R2
- Security update PCS 4.5.3 is available for the following versions: AVEVA Work Tasks 2020 Update 1
- Security update PCS 4.4.7 is available for the following versions: AVEVA System Platform 2020
- Security update PCS 4.4.7 is available for the following versions: AVEVA Work Tasks 2020
- Security update PCS 4.4.7 is available for the following versions: AVEVA Manufacturing Execution System 2020
- Security update PCS 4.4.7 is available for the following versions: AVEVA Batch Management 2020
- For more information on this issue, including security updates, please see Security Bulletin AVEVA-2021-008
Affected Vendors
AVEVA Software, LLC
Affected Products (1)
AVEVA Software, LLC
·
PCS
4.5.2 | 4.5.1 | 4.5.0 | 4.4.6
Affected Sectors
Chemical, Critical Manufacturing, Energy, Food and Agriculture, Water and Wastewater Systems
Get alerted to advisories like this
OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.
Start free trial Learn more