Critical severity9.8NVD Advisory· Published Jul 24, 2018· Updated Jun 17, 2026
CVE-2018-10628
CVE-2018-10628
Description
AVEVA InTouch 2014 R2 SP1 and prior, InTouch 2017, InTouch 2017 Update 1, and InTouch 2017 Update 2 allow an unauthenticated user to send a specially crafted packet that could overflow the buffer on a locale not using a dot floating point separator. Exploitation could allow remote code execution under the privileges of the InTouch View process.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
3- ics-cert.us-cert.gov/advisories/ICSA-18-200-02nvdPatchPermissions RequiredThird Party AdvisoryUS Government Resource
- www.securityfocus.com/bid/104864nvdBroken Link
- sw.aveva.com/hubfs/assets-2018/pdf/security-bulletin/SecurityBulletin_LFSec127%28003%29.pdfnvd
News mentions
0No linked articles in our index yet.