Risk Summary
Successful exploitation of this vulnerability could expose cleartext credentials for the network user account or for logged-in users to an authorized, low privilege user. The cleartext credentials would also be exposed if the user creates a diagnostic memory dump of the relevant process and saves it to a non-protected location where an unauthorized, malicious user can access it.
CVEs (1)
Remediations
- AVEVA System Platform 2020 R2 P01 and AVEVA System Platform 2020 R2: update to AVEVA System Platform 2020 R2 SP1
- AVEVA System Platform 2020: update to AVEVA System Platform 2020 P01
Affected Vendors
AVEVA Software, LLC
Affected Products (3)
AVEVA Software, LLC
·
AVEVA System Platform
2020
AVEVA Software, LLC
·
AVEVA System Platform
2020 R2S
AVEVA Software, LLC
·
AVEVA System Platform
2020 R2 P01
Affected Sectors
Critical Manufacturing
Get alerted to advisories like this
OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.
Start free trial Learn more