Unrated severityNVD Advisory· Published Nov 15, 2023· Updated Nov 21, 2024
AVEVA Operations Control Logger Execution with Unnecessary Privileges
CVE-2023-33873
Description
This privilege escalation vulnerability, if exploited, cloud allow a local OS-authenticated user with standard privileges to escalate to System privilege on the machine where these products are installed, resulting in complete compromise of the target machine.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
14- AVEVA/Application Serverv5Range: 0
- AVEVA/Batch Managementv5Range: 0
- AVEVA/Communication Drivers Packv5Range: 0
- AVEVA/Edge (formerly known as Indusoft Web Studio)v5Range: 0
- AVEVA/Enterprise Licensing (formerly known as License Manager)v5Range: 0
- Range: 0
- AVEVA/InTouchv5Range: 0
- AVEVA/Manufacturing Execution System (formerly known as Wonderware MES)v5Range: 0
- AVEVA/Mobile Operator (formerly known as IntelaTrac Mobile Operator Rounds)v5Range: 0
- AVEVA/Plant SCADA (formerly known as Citect)v5Range: 0
- AVEVA/Recipe Managementv5Range: 0
- AVEVA/SystemPlatformv5Range: 0
- AVEVA/Telemetry Serverv5Range: 0
- AVEVA/Worktasks (formerly known as Workflow Management)v5Range: 0
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.