VYPR

Intouch

by Aveva

CVEs (7)

  • CVE-2018-10628CriJul 24, 2018
    risk 0.64cvss 9.8epss 0.05

    AVEVA InTouch 2014 R2 SP1 and prior, InTouch 2017, InTouch 2017 Update 1, and InTouch 2017 Update 2 allow an unauthenticated user to send a specially crafted packet that could overflow the buffer on a locale not using a dot floating point separator. Exploitation could allow…

  • CVE-2007-6033HigNov 20, 2007
    risk 0.57cvss 8.8epss 0.03

    Invensys Wonderware InTouch 8.0 creates a NetDDE share with insecure permissions (Everyone/Full Control), which allows remote authenticated attackers, and possibly anonymous users, to execute arbitrary programs.

  • CVE-2026-30290HigMar 31, 2026
    risk 0.55cvss 8.4epss 0.00

    An arbitrary file overwrite vulnerability in InTouch Contacts & Caller ID APP v6.38.1 allows attackers to overwrite critical internal files via the file import process, leading to arbitrary code execution or information exposure.

  • CVE-2008-2005May 6, 2008
    risk 0.04cvss epss 0.16

    The SuiteLink Service (aka slssvc.exe) in WonderWare SuiteLink before 2.0 Patch 01, as used in WonderWare InTouch 8.0, allows remote attackers to cause a denial of service (NULL pointer dereference and service shutdown) and possibly execute arbitrary code via a large length…

  • CVE-2006-0088Jan 5, 2006
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in intouch.lib.php in inTouch 0.5.1 Alpha allows remote attackers to execute arbitrary SQL commands via the user parameter.

  • CVE-2018-17916Nov 2, 2018
    risk 0.01cvss epss 0.04

    InduSoft Web Studio versions prior to 8.1 SP2, and InTouch Edge HMI (formerly InTouch Machine Edition) versions prior to 2017 SP2. A remote attacker could send a carefully crafted packet to exploit a stack-based buffer overflow vulnerability during tag, alarm, or event related…

  • CVE-2015-1009Aug 1, 2015
    risk 0.00cvss epss 0.00

    Schneider Electric InduSoft Web Studio before 7.1.3.5 Patch 5 and Wonderware InTouch Machine Edition through 7.1 SP3 Patch 4 use cleartext for project-window password storage, which allows local users to obtain sensitive information by reading a file.