← Back to home
ICSA-24-032-03  ·  Published 2024-02-01  ·  View on CISA ICS-CERT ↗

AVEVA Edge products (formerly known as InduSoft Web Studio)

CVSS 7.3 HIGH

Risk Summary

Successful exploitation of this vulnerability could result in an attacker achieving arbitrary code execution and privilege escalation by tricking AVEVA Edge to load an unsafe DLL.

CVEs (1)

Remediations

  • AVEVA recommends users upgrade to AVEVA Edge 2023, or AVEVA Edge 2020 R2 SP2 P01 as soon as possible. Upgrades can be downloaded from the AVEVA official website:
  • AVEVA Edge 2023
  • AVEVA Edge 2020 R2 SP2 P01
  • For additional information, please refer to AVEVA's security advisory AVEVA-2024-002.

Affected Vendors

AVEVA

Affected Products (1)

AVEVA · AVEVA Edge <=2020_R2_SP2

Affected Sectors

Multiple

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more