ICSA-22-354-03
·
Published 2023-02-09
·
View on CISA ICS-CERT ↗
ARC Informatique PcVue
CVSS 5.5
MEDIUM
Risk Summary
Successful exploitation of these vulnerabilities could allow an unauthorized user to access the email account, SIM card, and other data sources associated with the affected device.
CVEs (2)
Remediations
- ARC Informatique has released a fix for CVE-2022-4312 for PcVue 12 in Version 12.0.28 and recommends users install the latest version of PcVue regardless of release. Users should contact their ARC Informatique representative to request the latest update files or submit a request via their web form.
- CVE-2022-4312: SB2022-7
- ARC Informatique recommends users take steps to harden system configurations.
- CVE-2022-4311: SB2022-6
Affected Vendors
ARC Informatique
Affected Products (3)
ARC Informatique
·
PcVue
>= 15 | <= 15.2.2
ARC Informatique
·
PcVue
>= 8.10 | <= 15.2.3
ARC Informatique
·
PcVue
>= 12 | <= 12.0.28
Affected Sectors
Commercial Facilities, Transportation, Water and Wastewater, Energy, Critical Manufacturing, Food and Agriculture
Get alerted to advisories like this
OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.
Start free trial Learn more