Risk Summary
Successful exploitation of these vulnerabilities could allow an attacker to insert malicious DLL files and trick the application into executing code.
Remediations
- AVEVA recommends organizations evaluate the impact of these vulnerabilities based on operational environment, architecture, and product implementations.
- Users of AVEV Edge (formerly known as InduSoft Web Studio) up to 2020 R2 SP1 w/ HF 2020.2.00.40 should apply AVEVA Edge 2020 R2 SP2 as soon as possible.
- Restrict access to port TCP/3997
Affected Vendors
AVEVA Software, LLC
Affected Products (3)
AVEVA Software, LLC
·
AVEVA Edge 2020
R2 SP1
AVEVA Software, LLC
·
AVEVA Edge 2020
R2 SP1 w/ HF 2020.2.00.40
AVEVA Software, LLC
·
AVEVA Edge 2020
<= R2 (formerly known as InduSoft Web Studio)
Affected Sectors
Critical Manufacturing
Get alerted to advisories like this
OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.
Start free trial Learn more