VYPR
Unrated severityNVD Advisory· Published Nov 15, 2023· Updated Aug 2, 2024

AVEVA Operations Control Logger External Control of File Name or Path

CVE-2023-34982

Description

This external control vulnerability, if exploited, could allow a local OS-authenticated user with standard privileges to delete files with System privilege on the machine where these products are installed, resulting in denial of service.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

14
  • AVEVA/Application Serverv5
    Range: 0
  • AVEVA/Batch Managementv5
    Range: 0
  • AVEVA/Communication Drivers Packv5
    Range: 0
  • AVEVA/Edge (formerly known as Indusoft Web Studio)v5
    Range: 0
  • AVEVA/Enterprise Licensing (formerly known as License Manager)v5
    Range: 0
  • Range: 0
  • AVEVA/InTouchv5
    Range: 0
  • AVEVA/Manufacturing Execution System (formerly known as Wonderware MES)v5
    Range: 0
  • AVEVA/Mobile Operator (formerly known as IntelaTrac Mobile Operator Rounds)v5
    Range: 0
  • AVEVA/Plant SCADA (formerly known as Citect)v5
    Range: 0
  • AVEVA/Recipe Managementv5
    Range: 0
  • AVEVA/SystemPlatformv5
    Range: 0
  • AVEVA/Telemetry Serverv5
    Range: 0
  • AVEVA/Worktasks (formerly known as Workflow Management)v5
    Range: 0

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.