Indusoft.Web.Studio.InTouch.Edge.HMI.Remote.Code.Execution
Description
This indicates an attack attempt to exploit a Security Bypass vulnerability in the InduSoft Web Studio and InTouch Edge HMI.
The vulnerability is due to improper authentication in the vulnerable application when handling a malicious request. A remote attacker may be able exploit this to execute arbitrary code on vulnerable machines.
Affected Products
InduSoft Web Studio versions prior to 8.1 SP2
InTouch Edge HMI versions prior to 2017 SP2
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Apply the most recent upgrade or patch from the vendor.
https://sw.aveva.com/hubfs/assets-2018/pdf/security-bulletin/SecurityBulletin_LFSec133.pdf
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |