Critical severity9.8NVD Advisory· Published Apr 18, 2018· Updated Jun 17, 2026
CVE-2018-8840
CVE-2018-8840
Description
A remote attacker could send a carefully crafted packet in InduSoft Web Studio v8.1 and prior versions, and/or InTouch Machine Edition 2017 v8.1 and prior versions during a tag, alarm, or event related action such as read and write, which may allow remote code execution.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3- Range: <=8.1
- Range: <=8.1
- Range: InduSoft Web Studio v8.1 and prior versions, and InTouch Machine Edition 2017 v8.1 and prior versions.
Patches
Vulnerability mechanics
References
4- software.schneider-electric.com/pdf/security-bulletin/lfsec00000125/nvdThird Party Advisory
- www.securityfocus.com/bid/103949nvdThird Party AdvisoryVDB Entry
- ics-cert.us-cert.gov/advisories/ICSA-18-107-01nvdThird Party AdvisoryUS Government Resource
- www.tenable.com/security/research/tra-2018-07nvdThird Party Advisory
News mentions
0No linked articles in our index yet.