
    216 vulnerabilities by AVEVA

    CVE-2026-5387 (GCVE-0-2026-5387)

    Vulnerability from nvd – Published: 2026-04-15 15:24 – Updated: 2026-04-15 17:38
    VLAI
    Title
    AVEVA Pipeline Simulation Missing Authorization
    Summary
    The vulnerability, if exploited, could allow an unauthenticated miscreant to perform operations intended only for Simulator Instructor or Simulator Developer (Administrator) roles, resulting in privilege escalation with potential for modification of simulation parameters, training configuration, and training records.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    AVEVA Pipeline Simulation 2025 Affected: 0 , ≤ 2025 SP1 (build 7.1.9497.6351) (custom)

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-5387",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-04-15T17:38:40.210058Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-04-15T17:38:50.678Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Pipeline Simulation 2025",
              "vendor": "AVEVA",
              "versions": [
                {
                  "lessThanOrEqual": "2025 SP1 (build 7.1.9497.6351)",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "The vulnerability, if exploited, could allow an unauthenticated miscreant to perform operations\u0026nbsp;intended only for Simulator Instructor or Simulator Developer (Administrator) roles, resulting in privilege escalation with potential for modification of simulation parameters, training configuration, and training records."
                }
              ],
              "value": "The vulnerability, if exploited, could allow an unauthenticated miscreant to perform operations\u00a0intended only for Simulator Instructor or Simulator Developer (Administrator) roles, resulting in privilege escalation with potential for modification of simulation parameters, training configuration, and training records."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 9.3,
                "baseSeverity": "CRITICAL",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-862",
                  "description": "CWE-862",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-15T15:24:15.623Z",
            "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
            "shortName": "icscert"
          },
          "references": [
            {
              "url": "https://www.aveva.com/content/dam/aveva/documents/support/cyber-security-updates/SecurityBulletin_AVEVA-2026-004.pdf"
            },
            {
              "url": "https://softwaresupportsp.aveva.com/en-US/downloads/products/details/57b79fdb-7b5f-4125-8a44-833b6b5c6d6f"
            },
            {
              "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-106-04"
            },
            {
              "url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-106-04.json"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "All affected versions can be fixed by upgrading to AVEVA Pipeline Simulation 2025 SP1 P01 (build 7.1.9580.8513) or higher:\u003cbr\u003ehttps://softwaresupportsp.aveva.com/en-US/downloads/products/details/57b79fdb-7b5f-4125-8a44-833b6b5c6d6f"
                }
              ],
              "value": "All affected versions can be fixed by upgrading to AVEVA Pipeline Simulation 2025 SP1 P01 (build 7.1.9580.8513) or higher:\nhttps://softwaresupportsp.aveva.com/en-US/downloads/products/details/57b79fdb-7b5f-4125-8a44-833b6b5c6d6f"
            }
          ],
          "source": {
            "advisory": "ICSA-26-106-04, AVEVA-2026-004",
            "discovery": "INTERNAL"
          },
          "title": "AVEVA Pipeline Simulation Missing Authorization",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "AVEVA recommends that organizations evaluate the impact of these vulnerabilities based on their\u0026nbsp;operational environment, architecture, and product implementation. Customers using affected product versions should apply security updates to mitigate the risk of exploit."
                }
              ],
              "value": "AVEVA recommends that organizations evaluate the impact of these vulnerabilities based on their\u00a0operational environment, architecture, and product implementation. Customers using affected product versions should apply security updates to mitigate the risk of exploit."
            },
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "The following general defensive measures are recommended:\u003cbr\u003e\u2022 Restrict Network Access: Implement host-based and/or network firewall controls on all nodes hosting the Pipeline Simulation Server API to ensure that only trusted Pipeline Simulation client systems are permitted to establish connections.\u003cbr\u003e\u2022 Enforce Secure Communication: Enable TLS for all API communications and ensure that server certificates are properly managed and protected to reduce the risk of manipulator-in-the-middle (MitM) attacks and tampering with data in transit."
                }
              ],
              "value": "The following general defensive measures are recommended:\n\u2022 Restrict Network Access: Implement host-based and/or network firewall controls on all nodes hosting the Pipeline Simulation Server API to ensure that only trusted Pipeline Simulation client systems are permitted to establish connections.\n\u2022 Enforce Secure Communication: Enable TLS for all API communications and ensure that server certificates are properly managed and protected to reduce the risk of manipulator-in-the-middle (MitM) attacks and tampering with data in transit."
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 1.0.1"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "assignerShortName": "icscert",
        "cveId": "CVE-2026-5387",
        "datePublished": "2026-04-15T15:24:15.623Z",
        "dateReserved": "2026-04-01T21:04:13.517Z",
        "dateUpdated": "2026-04-15T17:38:50.678Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-1507 (GCVE-0-2026-1507)

    Vulnerability from nvd – Published: 2026-02-10 20:19 – Updated: 2026-02-12 18:47
    VLAI
    Title
    Uncaught Exception vulnerability in AVEVA PI Data Archive
    Summary
    The affected products are vulnerable to an uncaught exception that could allow an unauthenticated attacker to remotely crash core PI services resulting in a denial-of-service.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    Impacted products
    Vendor Product Version
    AVEVA PI Data Archive PI Server Affected: 0 , ≤ 2018_SP3_Patch_7 (custom)
    Date Public
    2026-02-10 19:00

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-1507",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-02-12T18:46:57.197406Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-12T18:47:05.938Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "PI Data Archive PI Server",
              "vendor": "AVEVA",
              "versions": [
                {
                  "lessThanOrEqual": "2018_SP3_Patch_7",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "datePublic": "2026-02-10T19:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eThe affected products are vulnerable to an uncaught exception that could allow an unauthenticated attacker to remotely crash core PI services resulting in a denial-of-service.\u003c/span\u003e"
                }
              ],
              "value": "The affected products are vulnerable to an uncaught exception that could allow an unauthenticated attacker to remotely crash core PI services resulting in a denial-of-service."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 8.7,
                "baseSeverity": "HIGH",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "NONE",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-248",
                  "description": "CWE-248 Uncaught Exception",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-02-10T20:19:18.886Z",
            "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
            "shortName": "icscert"
          },
          "references": [
            {
              "tags": [
                "government-resource"
              ],
              "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-041-03"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eAVEVA recommends that organizations evaluate the impact of this vulnerability based on their operational environment, architecture, and product implementation. Users of affected product versions should apply security updates to mitigate the risk of exploit.\u003c/p\u003e\u003cp\u003eAll impacted versions of PI Data Archive can be fixed by upgrading to PI Server 2024 R2 or later available here: \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://softwaresupportsp.aveva.com/en-US/downloads/products/details/8c9b0e8c-eb68-481f-b420-c87a253a4172\"\u003ehttps://softwaresupportsp.aveva.com/en-US/downloads/products/details/8c9b0e8c-eb68-481f-b420-c87a253a4172\u003c/a\u003e.\u003c/p\u003e\u003cp\u003ePI Data Archive delivered by PI Server 2018 SP3 Patch 7 and prior can be fixed by upgrading to PI Server 2018 SP3 Patch 8 or higher available here: \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://softwaresupportsp.aveva.com/en-US/downloads/products/details/79492560-7e4c-4800-8bd7-40cce61a17d2\"\u003ehttps://softwaresupportsp.aveva.com/en-US/downloads/products/details/79492560-7e4c-4800-8bd7-40cce61a17d2\u003c/a\u003e.\u003c/p\u003e\u003cp\u003eThe following general defensive measures are recommended: * Monitor liveness of services listed in your installation\u2019s \u201c\\PI\\adm\\pisrvstart.bat\u201d. * Set the PI Data Archive Subsystem services to automatically restart. 
* PI Data Archive nodes should limit port 5450 inbound access to trusted workstations, users, and software.\u003c/p\u003e\u003cp\u003eFor additional information please refer to AVEVA-2026-002(\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.aveva.com/content/dam/aveva/documents/support/cyber-security-updates/SecurityBulletin_AVEVA-2026-002.pdf)\"\u003ehttps://www.aveva.com/content/dam/aveva/documents/support/cyber-security-updates/SecurityBulletin_AV...\u003c/a\u003e.\u003c/span\u003e\n\n\u003c/p\u003e"
                }
              ],
              "value": "AVEVA recommends that organizations evaluate the impact of this vulnerability based on their operational environment, architecture, and product implementation. Users of affected product versions should apply security updates to mitigate the risk of exploit.\n\nAll impacted versions of PI Data Archive can be fixed by upgrading to PI Server 2024 R2 or later available here:  https://softwaresupportsp.aveva.com/en-US/downloads/products/details/8c9b0e8c-eb68-481f-b420-c87a253a4172 .\n\nPI Data Archive delivered by PI Server 2018 SP3 Patch 7 and prior can be fixed by upgrading to PI Server 2018 SP3 Patch 8 or higher available here:  https://softwaresupportsp.aveva.com/en-US/downloads/products/details/79492560-7e4c-4800-8bd7-40cce61a17d2 .\n\nThe following general defensive measures are recommended: * Monitor liveness of services listed in your installation\u2019s \u201c\\PI\\adm\\pisrvstart.bat\u201d. * Set the PI Data Archive Subsystem services to automatically restart. * PI Data Archive nodes should limit port 5450 inbound access to trusted workstations, users, and software.\n\nFor additional information please refer to AVEVA-2026-002 ( https://www.aveva.com/content/dam/aveva/documents/support/cyber-security-updates/SecurityBulletin_AVEVA-2026-002.pdf )."
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Uncaught Exception vulnerability in AVEVA PI Data Archive",
          "x_generator": {
            "engine": "Vulnogram 0.5.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "assignerShortName": "icscert",
        "cveId": "CVE-2026-1507",
        "datePublished": "2026-02-10T20:19:18.886Z",
        "dateReserved": "2026-01-27T20:22:05.820Z",
        "dateUpdated": "2026-02-12T18:47:05.938Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-1495 (GCVE-0-2026-1495)

    Vulnerability from nvd – Published: 2026-02-10 20:18 – Updated: 2026-02-12 18:46
    VLAI
    Title
    Insertion of Sensitive Information into Log File vulnerability in AVEVA PI to CONNECT Agent
    Summary
    The vulnerability, if exploited, could allow an attacker with Event Log Reader (S-1-5-32-573) privileges to obtain proxy details, including URL and proxy credentials, from the PI to CONNECT event log files. This could enable unauthorized access to the proxy server.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-532 - Insertion of Sensitive Information into Log File
    Assigner
    References
    Impacted products
    Vendor Product Version
    AVEVA PI to CONNECT Agent Affected: 0 , ≤ Version v2.4.2520 (custom)
    Date Public
    2026-02-10 19:00

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-1495",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-02-12T18:46:32.294842Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-12T18:46:41.102Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "PI to CONNECT Agent",
              "vendor": "AVEVA",
              "versions": [
                {
                  "lessThanOrEqual": "Version v2.4.2520",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "datePublic": "2026-02-10T19:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eThe vulnerability, if exploited, could allow an attacker with Event Log Reader (S-1-5-32-573) privileges to obtain proxy details, including URL and proxy credentials, from the PI to CONNECT event log files. This could enable unauthorized access to the proxy server.\u003c/span\u003e\n\n\u003c/span\u003e"
                }
              ],
              "value": "The vulnerability, if exploited, could allow an attacker with Event Log Reader (S-1-5-32-573) privileges to obtain proxy details, including URL and proxy credentials, from the PI to CONNECT event log files. This could enable unauthorized access to the proxy server."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "PRESENT",
                "attackVector": "LOCAL",
                "baseScore": 5.7,
                "baseSeverity": "MEDIUM",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "LOW",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "LOW",
                "subConfidentialityImpact": "LOW",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:L/SI:N/SA:L",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "NONE",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-532",
                  "description": "CWE-532 Insertion of Sensitive Information into Log File",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-02-10T20:18:10.844Z",
            "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
            "shortName": "icscert"
          },
          "references": [
            {
              "tags": [
                "government-resource"
              ],
              "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-041-04"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003e\u003c/p\u003e\n\n\u003cp\u003eAVEVA recommends that organizations evaluate the impact of this vulnerability based on their operational environment, architecture, and product implementation.\u0026nbsp;\u003c/p\u003e\u003cp\u003e* Users of affected product versions should apply security updates to mitigate the risk of proxy details exposure in newly generated PI to CONNECT Agent event logs.\u0026nbsp;\u003c/p\u003e\u003cp\u003e* Users who have used affected product versions, should review existing PI to CONNECT Agent event logs (live/backups/copies) for exposed proxy connection details and consider purging the sensitive data from logs and/or configuring new credentials for access to the proxy service.\u003c/p\u003e\u003cp\u003eThe following general defensive measures are recommended:\u0026nbsp;\u003c/p\u003e\u003cp\u003e* Remove use of plain text passwords in proxy URLs. Alternatively, if passwords are required by the proxy, then use least-privilege credentials.\u0026nbsp;\u003c/p\u003e\u003cp\u003e* Ensure only trusted users are given Event Log Reader (S-1-5-32-573) privileges on hosts where PI to CONNECT is installed.\u0026nbsp;\u003c/p\u003e\u003cp\u003e* Review existing PI to CONNECT event logs (live/backups/copies) for exposed proxy connection details and consider purging the sensitive data from logs and/or configuring new credentials for access to the proxy service.\u003c/p\u003e\u003cp\u003eAll affected versions can be fixed by upgrading to PI to CONNECT Agent v2.5.2790 or higher. 
The latest version of the agent can be downloaded from the CONNECT Data Services Portal here: [\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://datahub.connect.aveva.com/](https://datahub.connect.aveva.com/](https://datahub.connect.aveva.com/](https://datahub.connect.aveva.com/)\"\u003ehttps://datahub.connect.aveva.com/](https://datahub.connect.aveva.com/](https://datahub.connect.avev...\u003c/a\u003e.\u003c/p\u003e\u003cp\u003eFor additional information please refer to AVEVA-2026-003 \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.aveva.com/content/dam/aveva/documents/support/cyber-security-updates/SecurityBulletin_AVEVA-2026-003.pdf\"\u003ehttps://www.aveva.com/content/dam/aveva/documents/support/cyber-security-updates/SecurityBulletin_AVEVA-2026-003.pdf\u003c/a\u003e.\u003c/p\u003e\n\n\u003cp\u003e\n\n\u003c/p\u003e"
                }
              ],
              "value": "AVEVA recommends that organizations evaluate the impact of this vulnerability based on their operational environment, architecture, and product implementation.\u00a0\n\n* Users of affected product versions should apply security updates to mitigate the risk of proxy details exposure in newly generated PI to CONNECT Agent event logs.\u00a0\n\n* Users who have used affected product versions, should review existing PI to CONNECT Agent event logs (live/backups/copies) for exposed proxy connection details and consider purging the sensitive data from logs and/or configuring new credentials for access to the proxy service.\n\nThe following general defensive measures are recommended:\u00a0\n\n* Remove use of plain text passwords in proxy URLs. Alternatively, if passwords are required by the proxy, then use least-privilege credentials.\u00a0\n\n* Ensure only trusted users are given Event Log Reader (S-1-5-32-573) privileges on hosts where PI to CONNECT is installed.\u00a0\n\n* Review existing PI to CONNECT event logs (live/backups/copies) for exposed proxy connection details and consider purging the sensitive data from logs and/or configuring new credentials for access to the proxy service.\n\nAll affected versions can be fixed by upgrading to PI to CONNECT Agent v2.5.2790 or higher. The latest version of the agent can be downloaded from the CONNECT Data Services Portal here: https://datahub.connect.aveva.com/ .\n\nFor additional information please refer to AVEVA-2026-003 https://www.aveva.com/content/dam/aveva/documents/support/cyber-security-updates/SecurityBulletin_AVEVA-2026-003.pdf ."
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Insertion of Sensitive Information into Log File vulnerability in AVEVA PI to CONNECT Agent",
          "x_generator": {
            "engine": "Vulnogram 0.5.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "assignerShortName": "icscert",
        "cveId": "CVE-2026-1495",
        "datePublished": "2026-02-10T20:18:10.844Z",
        "dateReserved": "2026-01-27T15:52:30.419Z",
        "dateUpdated": "2026-02-12T18:46:41.102Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-65118 (GCVE-0-2025-65118)

    Vulnerability from nvd – Published: 2026-01-16 00:11 – Updated: 2026-01-16 15:39
    VLAI
    Title
    AVEVA Process Optimization Uncontrolled Search Path Element
    Summary
    The vulnerability, if exploited, could allow an authenticated miscreant (OS Standard User) to trick Process Optimization services into loading arbitrary code and escalate privileges to OS System, potentially resulting in complete compromise of the Model Application Server.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    AVEVA Process Optimization Affected: 0 , ≤ 2024.1 (custom)
    Credits
    Christopher Wu of Veracode reported these vulnerabilities to AVEVA.

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-65118",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-01-16T15:39:31.310210Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-01-16T15:39:37.345Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Process Optimization",
              "vendor": "AVEVA",
              "versions": [
                {
                  "lessThanOrEqual": "2024.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Christopher Wu of Veracode reported these vulnerabilities to AVEVA."
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "The vulnerability, if exploited, could allow an authenticated miscreant \n(OS Standard User) to trick Process Optimization services into loading \narbitrary code and escalate privileges to OS System, potentially \nresulting in complete compromise of the Model Application Server."
                }
              ],
              "value": "The vulnerability, if exploited, could allow an authenticated miscreant \n(OS Standard User) to trick Process Optimization services into loading \narbitrary code and escalate privileges to OS System, potentially \nresulting in complete compromise of the Model Application Server."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "LOCAL",
                "baseScore": 9.3,
                "baseSeverity": "CRITICAL",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "LOW",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "HIGH",
                "subConfidentialityImpact": "HIGH",
                "subIntegrityImpact": "HIGH",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-427",
                  "description": "CWE-427",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-01-16T00:11:12.560Z",
            "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
            "shortName": "icscert"
          },
          "references": [
            {
              "url": "https://www.aveva.com/en/support-and-success/cyber-security-updates/"
            },
            {
              "url": "https://softwaresupportsp.aveva.com/en-US/downloads/products/details/a643eaa3-0d85-4fde-ac11-5239e87a68ea"
            },
            {
              "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-015-01"
            },
            {
              "url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-015-01.json"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eAVEVA recommends users take the following action:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate to \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://softwaresupportsp.aveva.com/en-US/downloads/products/details/a643eaa3-0d85-4fde-ac11-5239e87a68ea\"\u003eAVEVA Process Optimization v2025\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\nFor more information, please \nAVEVA\u0027s security bulletin \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.aveva.com/en/support-and-success/cyber-security-updates/\"\u003eAVEVA-2026-001\u003c/a\u003e.\n\n\u003cbr\u003e"
                }
              ],
              "value": "AVEVA recommends users take the following action:\n\n\n\n  *  Update to  AVEVA Process Optimization v2025 https://softwaresupportsp.aveva.com/en-US/downloads/products/details/a643eaa3-0d85-4fde-ac11-5239e87a68ea \n\n\n\n\n\nFor more information, please \nAVEVA\u0027s security bulletin  AVEVA-2026-001 https://www.aveva.com/en/support-and-success/cyber-security-updates/ ."
            }
          ],
          "source": {
            "advisory": "ICSA-26-015-01",
            "discovery": "EXTERNAL"
          },
          "title": "AVEVA Process Optimization Uncontrolled Search Path Element",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eAVEVA alternatively recommends the following actions users can take to mitigate risk:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eApply host and/or network firewall rules restricting the taoimr \nservice to accept traffic only from trusted source(s). By default, AVEVA\n Process Optimization listens on port 8888/8889(TLS). Please refer to \nthe AVEVA Process Optimization Installation Guide for additional details\n on ports configuration.\u003c/li\u003e\n\u003cli\u003eApply ACLs to the installation and data folders, limiting write-access to trusted users only.\u003c/li\u003e\n\u003cli\u003eMaintain a trusted chain-of-custody on Process Optimization project \nfiles during creation, modification, distribution, backups, and use.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eFor more information, please \nAVEVA\u0027s security bulletin \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.aveva.com/en/support-and-success/cyber-security-updates/\"\u003eAVEVA-2026-001\u003c/a\u003e.\u003c/p\u003e\n\n\u003cbr\u003e"
                }
              ],
              "value": "AVEVA alternatively recommends the following actions users can take to mitigate risk:\n\n\n\n  *  Apply host and/or network firewall rules restricting the taoimr \nservice to accept traffic only from trusted source(s). By default, AVEVA\n Process Optimization listens on port 8888/8889(TLS). Please refer to \nthe AVEVA Process Optimization Installation Guide for additional details\n on ports configuration.\n\n  *  Apply ACLs to the installation and data folders, limiting write-access to trusted users only.\n\n  *  Maintain a trusted chain-of-custody on Process Optimization project \nfiles during creation, modification, distribution, backups, and use.\n\n\n\n\nFor more information, please \nAVEVA\u0027s security bulletin  AVEVA-2026-001 https://www.aveva.com/en/support-and-success/cyber-security-updates/ ."
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.5.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "assignerShortName": "icscert",
        "cveId": "CVE-2025-65118",
        "datePublished": "2026-01-16T00:11:12.560Z",
        "dateReserved": "2025-11-24T18:22:00.785Z",
        "dateUpdated": "2026-01-16T15:39:37.345Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-65117 (GCVE-0-2025-65117)

    Vulnerability from nvd – Published: 2026-01-16 00:14 – Updated: 2026-01-16 14:53
    Title
    AVEVA Process Optimization Use of Potentially Dangerous Function
    Summary
    The vulnerability, if exploited, could allow an authenticated miscreant (Process Optimization Designer User) to embed OLE objects into graphics, and escalate their privileges to the identity of a victim user who subsequently interacts with the graphical elements.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    AVEVA Process Optimization Affected: 0 , ≤ 2024.1 (custom)
    Credits
    Christopher Wu of Veracode reported these vulnerabilities to AVEVA.

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-65117",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-01-16T14:53:07.205216Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-01-16T14:53:13.050Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Process Optimization",
              "vendor": "AVEVA",
              "versions": [
                {
                  "lessThanOrEqual": "2024.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Christopher Wu of Veracode reported these vulnerabilities to AVEVA."
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "The vulnerability, if exploited, could allow an authenticated miscreant \n(Process Optimization Designer User) to embed OLE objects into graphics,\n and escalate their privileges to the identity of a victim user who \nsubsequently interacts with the graphical elements."
                }
              ],
              "value": "The vulnerability, if exploited, could allow an authenticated miscreant \n(Process Optimization Designer User) to embed OLE objects into graphics,\n and escalate their privileges to the identity of a victim user who \nsubsequently interacts with the graphical elements."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 7.4,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "LOCAL",
                "baseScore": 8.5,
                "baseSeverity": "HIGH",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "HIGH",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "HIGH",
                "subConfidentialityImpact": "HIGH",
                "subIntegrityImpact": "HIGH",
                "userInteraction": "PASSIVE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:P/VC:H/VI:H/VA:N/SC:H/SI:H/SA:H",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-676",
                  "description": "CWE-676",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-01-16T00:14:27.567Z",
            "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
            "shortName": "icscert"
          },
          "references": [
            {
              "url": "https://www.aveva.com/en/support-and-success/cyber-security-updates/"
            },
            {
              "url": "https://softwaresupportsp.aveva.com/en-US/downloads/products/details/a643eaa3-0d85-4fde-ac11-5239e87a68ea"
            },
            {
              "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-015-01"
            },
            {
              "url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-015-01.json"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eAVEVA recommends users take the following action:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate to \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://softwaresupportsp.aveva.com/en-US/downloads/products/details/a643eaa3-0d85-4fde-ac11-5239e87a68ea\"\u003eAVEVA Process Optimization v2025\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\nFor more information, please \nAVEVA\u0027s security bulletin \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.aveva.com/en/support-and-success/cyber-security-updates/\"\u003eAVEVA-2026-001\u003c/a\u003e.\n\n\u003cbr\u003e"
                }
              ],
              "value": "AVEVA recommends users take the following action:\n\n\n\n  *  Update to  AVEVA Process Optimization v2025 https://softwaresupportsp.aveva.com/en-US/downloads/products/details/a643eaa3-0d85-4fde-ac11-5239e87a68ea \n\n\n\n\n\nFor more information, please \nAVEVA\u0027s security bulletin  AVEVA-2026-001 https://www.aveva.com/en/support-and-success/cyber-security-updates/ ."
            }
          ],
          "source": {
            "advisory": "ICSA-26-015-01",
            "discovery": "EXTERNAL"
          },
          "title": "AVEVA Process Optimization Use of Potentially Dangerous Function",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eAVEVA alternatively recommends the following actions users can take to mitigate risk:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eApply host and/or network firewall rules restricting the taoimr \nservice to accept traffic only from trusted source(s). By default, AVEVA\n Process Optimization listens on port 8888/8889(TLS). Please refer to \nthe AVEVA Process Optimization Installation Guide for additional details\n on ports configuration.\u003c/li\u003e\n\u003cli\u003eApply ACLs to the installation and data folders, limiting write-access to trusted users only.\u003c/li\u003e\n\u003cli\u003eMaintain a trusted chain-of-custody on Process Optimization project \nfiles during creation, modification, distribution, backups, and use.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eFor more information, please \nAVEVA\u0027s security bulletin \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.aveva.com/en/support-and-success/cyber-security-updates/\"\u003eAVEVA-2026-001\u003c/a\u003e.\u003c/p\u003e\n\n\u003cbr\u003e"
                }
              ],
              "value": "AVEVA alternatively recommends the following actions users can take to mitigate risk:\n\n\n\n  *  Apply host and/or network firewall rules restricting the taoimr \nservice to accept traffic only from trusted source(s). By default, AVEVA\n Process Optimization listens on port 8888/8889(TLS). Please refer to \nthe AVEVA Process Optimization Installation Guide for additional details\n on ports configuration.\n\n  *  Apply ACLs to the installation and data folders, limiting write-access to trusted users only.\n\n  *  Maintain a trusted chain-of-custody on Process Optimization project \nfiles during creation, modification, distribution, backups, and use.\n\n\n\n\nFor more information, please \nAVEVA\u0027s security bulletin  AVEVA-2026-001 https://www.aveva.com/en/support-and-success/cyber-security-updates/ ."
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.5.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "assignerShortName": "icscert",
        "cveId": "CVE-2025-65117",
        "datePublished": "2026-01-16T00:14:27.567Z",
        "dateReserved": "2025-11-24T18:22:00.806Z",
        "dateUpdated": "2026-01-16T14:53:13.050Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-64769 (GCVE-0-2025-64769)

    Vulnerability from nvd – Published: 2026-01-16 00:16 – Updated: 2026-01-16 14:52
    Title
    AVEVA Process Optimization Cleartext Transmission of Sensitive Information
    Summary
    The Process Optimization application suite leverages connection channels/protocols that are not encrypted by default and could become subject to hijacking or data leakage in certain man-in-the-middle or passive inspection scenarios.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    AVEVA Process Optimization Affected: 0 , ≤ 2024.1 (custom)
    Credits
    Christopher Wu of Veracode reported these vulnerabilities to AVEVA.

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-64769",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-01-16T14:52:23.223478Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-01-16T14:52:30.496Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Process Optimization",
              "vendor": "AVEVA",
              "versions": [
                {
                  "lessThanOrEqual": "2024.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Christopher Wu of Veracode reported these vulnerabilities to AVEVA."
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "The Process Optimization application suite leverages connection \nchannels/protocols that by-default are not encrypted and could become \nsubject to hijacking or data leakage in certain man-in-the-middle or \npassive inspection scenarios."
                }
              ],
              "value": "The Process Optimization application suite leverages connection \nchannels/protocols that by-default are not encrypted and could become \nsubject to hijacking or data leakage in certain man-in-the-middle or \npassive inspection scenarios."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "ADJACENT_NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 7.1,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "HIGH",
                "attackRequirements": "NONE",
                "attackVector": "ADJACENT",
                "baseScore": 7.6,
                "baseSeverity": "HIGH",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:A/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "LOW",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-319",
                  "description": "CWE-319",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-01-16T00:16:48.949Z",
            "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
            "shortName": "icscert"
          },
          "references": [
            {
              "url": "https://www.aveva.com/en/support-and-success/cyber-security-updates/"
            },
            {
              "url": "https://softwaresupportsp.aveva.com/en-US/downloads/products/details/a643eaa3-0d85-4fde-ac11-5239e87a68ea"
            },
            {
              "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-015-01"
            },
            {
              "url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-015-01.json"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eAVEVA recommends users take the following action:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate to \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://softwaresupportsp.aveva.com/en-US/downloads/products/details/a643eaa3-0d85-4fde-ac11-5239e87a68ea\"\u003eAVEVA Process Optimization v2025\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\nFor more information, please \nAVEVA\u0027s security bulletin \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.aveva.com/en/support-and-success/cyber-security-updates/\"\u003eAVEVA-2026-001\u003c/a\u003e.\n\n\u003cbr\u003e"
                }
              ],
              "value": "AVEVA recommends users take the following action:\n\n\n\n  *  Update to  AVEVA Process Optimization v2025 https://softwaresupportsp.aveva.com/en-US/downloads/products/details/a643eaa3-0d85-4fde-ac11-5239e87a68ea \n\n\n\n\n\nFor more information, please \nAVEVA\u0027s security bulletin  AVEVA-2026-001 https://www.aveva.com/en/support-and-success/cyber-security-updates/ ."
            }
          ],
          "source": {
            "advisory": "ICSA-26-015-01",
            "discovery": "EXTERNAL"
          },
          "title": "AVEVA Process Optimization Cleartext Transmission of Sensitive Information",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eAVEVA alternatively recommends the following actions users can take to mitigate risk:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eApply host and/or network firewall rules restricting the taoimr \nservice to accept traffic only from trusted source(s). By default, AVEVA\n Process Optimization listens on port 8888/8889(TLS). Please refer to \nthe AVEVA Process Optimization Installation Guide for additional details\n on ports configuration.\u003c/li\u003e\n\u003cli\u003eApply ACLs to the installation and data folders, limiting write-access to trusted users only.\u003c/li\u003e\n\u003cli\u003eMaintain a trusted chain-of-custody on Process Optimization project \nfiles during creation, modification, distribution, backups, and use.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eFor more information, please \nAVEVA\u0027s security bulletin \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.aveva.com/en/support-and-success/cyber-security-updates/\"\u003eAVEVA-2026-001\u003c/a\u003e.\u003c/p\u003e\n\n\u003cbr\u003e"
                }
              ],
              "value": "AVEVA alternatively recommends the following actions users can take to mitigate risk:\n\n\n\n  *  Apply host and/or network firewall rules restricting the taoimr \nservice to accept traffic only from trusted source(s). By default, AVEVA\n Process Optimization listens on port 8888/8889(TLS). Please refer to \nthe AVEVA Process Optimization Installation Guide for additional details\n on ports configuration.\n\n  *  Apply ACLs to the installation and data folders, limiting write-access to trusted users only.\n\n  *  Maintain a trusted chain-of-custody on Process Optimization project \nfiles during creation, modification, distribution, backups, and use.\n\n\n\n\nFor more information, please \nAVEVA\u0027s security bulletin  AVEVA-2026-001 https://www.aveva.com/en/support-and-success/cyber-security-updates/ ."
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.5.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "assignerShortName": "icscert",
        "cveId": "CVE-2025-64769",
        "datePublished": "2026-01-16T00:16:48.949Z",
        "dateReserved": "2025-11-24T18:22:00.813Z",
        "dateUpdated": "2026-01-16T14:52:30.496Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-64729 (GCVE-0-2025-64729)

    Vulnerability from nvd – Published: 2026-01-16 00:12 – Updated: 2026-01-16 14:53
    VLAI
    Title
    AVEVA Process Optimization Missing Authorization
    Summary
    The vulnerability, if exploited, could allow an authenticated miscreant (OS Standard User) to tamper with Process Optimization project files, embed code, and escalate their privileges to the identity of a victim user who subsequently interacts with the project files.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    AVEVA Process Optimization Affected: 0 , ≤ 2024.1 (custom)
    Credits
    Christopher Wu of Veracode reported these vulnerabilities to AVEVA.

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-64729",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-01-16T14:53:36.738653Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-01-16T14:53:45.166Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Process Optimization",
              "vendor": "AVEVA",
              "versions": [
                {
                  "lessThanOrEqual": "2024.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Christopher Wu of Veracode reported these vulnerabilities to AVEVA."
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "The vulnerability, if exploited, could allow an authenticated miscreant \n(OS Standard User) to tamper with Process Optimization project files, \nembed code, and escalate their privileges to the identity of a victim \nuser who subsequently interacts with the project files."
                }
              ],
              "value": "The vulnerability, if exploited, could allow an authenticated miscreant \n(OS Standard User) to tamper with Process Optimization project files, \nembed code, and escalate their privileges to the identity of a victim \nuser who subsequently interacts with the project files."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "LOW",
                "baseScore": 8.1,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "LOCAL",
                "baseScore": 8.6,
                "baseSeverity": "HIGH",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "LOW",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "HIGH",
                "subConfidentialityImpact": "HIGH",
                "subIntegrityImpact": "HIGH",
                "userInteraction": "PASSIVE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:L/SC:H/SI:H/SA:H",
                "version": "4.0",
                "vulnAvailabilityImpact": "LOW",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-862",
                  "description": "CWE-862",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-01-16T00:12:45.798Z",
            "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
            "shortName": "icscert"
          },
          "references": [
            {
              "url": "https://www.aveva.com/en/support-and-success/cyber-security-updates/"
            },
            {
              "url": "https://softwaresupportsp.aveva.com/en-US/downloads/products/details/a643eaa3-0d85-4fde-ac11-5239e87a68ea"
            },
            {
              "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-015-01"
            },
            {
              "url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-015-01.json"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eAVEVA recommends users take the following action:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate to \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://softwaresupportsp.aveva.com/en-US/downloads/products/details/a643eaa3-0d85-4fde-ac11-5239e87a68ea\"\u003eAVEVA Process Optimization v2025\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\nFor more information, please \nAVEVA\u0027s security bulletin \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.aveva.com/en/support-and-success/cyber-security-updates/\"\u003eAVEVA-2026-001\u003c/a\u003e.\n\n\u003cbr\u003e"
                }
              ],
              "value": "AVEVA recommends users take the following action:\n\n\n\n  *  Update to  AVEVA Process Optimization v2025 https://softwaresupportsp.aveva.com/en-US/downloads/products/details/a643eaa3-0d85-4fde-ac11-5239e87a68ea \n\n\n\n\n\nFor more information, please see \nAVEVA\u0027s security bulletin  AVEVA-2026-001 https://www.aveva.com/en/support-and-success/cyber-security-updates/ ."
            }
          ],
          "source": {
            "advisory": "ICSA-26-015-01",
            "discovery": "EXTERNAL"
          },
          "title": "AVEVA Process Optimization Missing Authorization",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eAVEVA alternatively recommends the following actions users can take to mitigate risk:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eApply host and/or network firewall rules restricting the taoimr \nservice to accept traffic only from trusted source(s). By default, AVEVA\n Process Optimization listens on port 8888/8889(TLS). Please refer to \nthe AVEVA Process Optimization Installation Guide for additional details\n on ports configuration.\u003c/li\u003e\n\u003cli\u003eApply ACLs to the installation and data folders, limiting write-access to trusted users only.\u003c/li\u003e\n\u003cli\u003eMaintain a trusted chain-of-custody on Process Optimization project \nfiles during creation, modification, distribution, backups, and use.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eFor more information, please \nAVEVA\u0027s security bulletin \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.aveva.com/en/support-and-success/cyber-security-updates/\"\u003eAVEVA-2026-001\u003c/a\u003e.\u003c/p\u003e\n\n\u003cbr\u003e"
                }
              ],
              "value": "AVEVA alternatively recommends the following actions users can take to mitigate risk:\n\n\n\n  *  Apply host and/or network firewall rules restricting the taoimr \nservice to accept traffic only from trusted source(s). By default, AVEVA\n Process Optimization listens on port 8888/8889(TLS). Please refer to \nthe AVEVA Process Optimization Installation Guide for additional details\n on ports configuration.\n\n  *  Apply ACLs to the installation and data folders, limiting write-access to trusted users only.\n\n  *  Maintain a trusted chain-of-custody on Process Optimization project \nfiles during creation, modification, distribution, backups, and use.\n\n\n\n\nFor more information, please see \nAVEVA\u0027s security bulletin  AVEVA-2026-001 https://www.aveva.com/en/support-and-success/cyber-security-updates/ ."
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.5.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "assignerShortName": "icscert",
        "cveId": "CVE-2025-64729",
        "datePublished": "2026-01-16T00:12:45.798Z",
        "dateReserved": "2025-11-24T18:22:00.798Z",
        "dateUpdated": "2026-01-16T14:53:45.166Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-64691 (GCVE-0-2025-64691)

    Vulnerability from nvd – Published: 2026-01-16 00:06 – Updated: 2026-01-16 15:12
    VLAI
    Title
    AVEVA Process Optimization Code Injection
    Summary
    The vulnerability, if exploited, could allow an authenticated miscreant (OS standard user) to tamper with TCL Macro scripts and escalate privileges to OS system, potentially resulting in complete compromise of the model application server.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    AVEVA Process Optimization Affected: 0 , ≤ 2024.1 (custom)
    Credits
    Christopher Wu of Veracode reported these vulnerabilities to AVEVA.

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-64691",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-01-16T15:11:30.315185Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-01-16T15:12:10.618Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Process Optimization",
              "vendor": "AVEVA",
              "versions": [
                {
                  "lessThanOrEqual": "2024.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Christopher Wu of Veracode reported these vulnerabilities to AVEVA."
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "The vulnerability, if exploited, could allow an authenticated miscreant \n(OS standard user) to tamper with TCL Macro scripts and escalate \nprivileges to OS system, potentially resulting in complete compromise of\n the model application server."
                }
              ],
              "value": "The vulnerability, if exploited, could allow an authenticated miscreant \n(OS standard user) to tamper with TCL Macro scripts and escalate \nprivileges to OS system, potentially resulting in complete compromise of\n the model application server."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "LOCAL",
                "baseScore": 9.3,
                "baseSeverity": "CRITICAL",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "LOW",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "HIGH",
                "subConfidentialityImpact": "HIGH",
                "subIntegrityImpact": "HIGH",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-94",
                  "description": "CWE-94",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-01-16T00:06:56.554Z",
            "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
            "shortName": "icscert"
          },
          "references": [
            {
              "url": "https://www.aveva.com/en/support-and-success/cyber-security-updates/"
            },
            {
              "url": "https://softwaresupportsp.aveva.com/en-US/downloads/products/details/a643eaa3-0d85-4fde-ac11-5239e87a68ea"
            },
            {
              "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-015-01"
            },
            {
              "url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-015-01.json"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eAVEVA recommends users take the following action:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate to \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://softwaresupportsp.aveva.com/en-US/downloads/products/details/a643eaa3-0d85-4fde-ac11-5239e87a68ea\"\u003eAVEVA Process Optimization v2025\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\nFor more information, please \nAVEVA\u0027s security bulletin \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.aveva.com/en/support-and-success/cyber-security-updates/\"\u003eAVEVA-2026-001\u003c/a\u003e.\n\n\u003cbr\u003e"
                }
              ],
              "value": "AVEVA recommends users take the following action:\n\n\n\n  *  Update to  AVEVA Process Optimization v2025 https://softwaresupportsp.aveva.com/en-US/downloads/products/details/a643eaa3-0d85-4fde-ac11-5239e87a68ea \n\n\n\n\n\nFor more information, please see \nAVEVA\u0027s security bulletin  AVEVA-2026-001 https://www.aveva.com/en/support-and-success/cyber-security-updates/ ."
            }
          ],
          "source": {
            "advisory": "ICSA-26-015-01",
            "discovery": "EXTERNAL"
          },
          "title": "AVEVA Process Optimization Code Injection",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eAVEVA alternatively recommends the following actions users can take to mitigate risk:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eApply host and/or network firewall rules restricting the taoimr \nservice to accept traffic only from trusted source(s). By default, AVEVA\n Process Optimization listens on port 8888/8889(TLS). Please refer to \nthe AVEVA Process Optimization Installation Guide for additional details\n on ports configuration.\u003c/li\u003e\n\u003cli\u003eApply ACLs to the installation and data folders, limiting write-access to trusted users only.\u003c/li\u003e\n\u003cli\u003eMaintain a trusted chain-of-custody on Process Optimization project \nfiles during creation, modification, distribution, backups, and use.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eFor more information, please \nAVEVA\u0027s security bulletin \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.aveva.com/en/support-and-success/cyber-security-updates/\"\u003eAVEVA-2026-001\u003c/a\u003e.\u003c/p\u003e\n\n\u003cbr\u003e"
                }
              ],
              "value": "AVEVA alternatively recommends the following actions users can take to mitigate risk:\n\n\n\n  *  Apply host and/or network firewall rules restricting the taoimr \nservice to accept traffic only from trusted source(s). By default, AVEVA\n Process Optimization listens on port 8888/8889(TLS). Please refer to \nthe AVEVA Process Optimization Installation Guide for additional details\n on ports configuration.\n\n  *  Apply ACLs to the installation and data folders, limiting write-access to trusted users only.\n\n  *  Maintain a trusted chain-of-custody on Process Optimization project \nfiles during creation, modification, distribution, backups, and use.\n\n\n\n\nFor more information, please see \nAVEVA\u0027s security bulletin  AVEVA-2026-001 https://www.aveva.com/en/support-and-success/cyber-security-updates/ ."
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.5.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "assignerShortName": "icscert",
        "cveId": "CVE-2025-64691",
        "datePublished": "2026-01-16T00:06:56.554Z",
        "dateReserved": "2025-11-24T18:22:00.766Z",
        "dateUpdated": "2026-01-16T15:12:10.618Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-61943 (GCVE-0-2025-61943)

    Vulnerability from nvd – Published: 2026-01-16 00:09 – Updated: 2026-01-16 15:06
    VLAI
    Title
    AVEVA Process Optimization SQL Injection
    Summary
    The vulnerability, if exploited, could allow an authenticated miscreant (Process Optimization Standard User) to tamper with queries in Captive Historian and achieve code execution under SQL Server administrative privileges, potentially resulting in complete compromise of the SQL Server.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    AVEVA Process Optimization Affected: 0 , ≤ 2024.1 (custom)
    Credits
    Christopher Wu of Veracode reported these vulnerabilities to AVEVA.

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-61943",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-01-16T15:05:33.136579Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-01-16T15:06:06.845Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Process Optimization",
              "vendor": "AVEVA",
              "versions": [
                {
                  "lessThanOrEqual": "2024.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Christopher Wu of Veracode reported these vulnerabilities to AVEVA."
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "The vulnerability, if exploited, could allow an authenticated miscreant \n(Process Optimization Standard User) to tamper with queries in Captive \nHistorian and achieve code execution under SQL Server administrative \nprivileges, potentially resulting in complete compromise of the SQL \nServer."
                }
              ],
              "value": "The vulnerability, if exploited, could allow an authenticated miscreant \n(Process Optimization Standard User) to tamper with queries in Captive \nHistorian and achieve code execution under SQL Server administrative \nprivileges, potentially resulting in complete compromise of the SQL \nServer."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 8.4,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "LOCAL",
                "baseScore": 9.3,
                "baseSeverity": "CRITICAL",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "LOW",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "HIGH",
                "subConfidentialityImpact": "HIGH",
                "subIntegrityImpact": "HIGH",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:H",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-89",
                  "description": "CWE-89",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-01-16T00:09:18.629Z",
            "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
            "shortName": "icscert"
          },
          "references": [
            {
              "url": "https://www.aveva.com/en/support-and-success/cyber-security-updates/"
            },
            {
              "url": "https://softwaresupportsp.aveva.com/en-US/downloads/products/details/a643eaa3-0d85-4fde-ac11-5239e87a68ea"
            },
            {
              "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-015-01"
            },
            {
              "url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-015-01.json"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eAVEVA recommends users take the following action:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate to \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://softwaresupportsp.aveva.com/en-US/downloads/products/details/a643eaa3-0d85-4fde-ac11-5239e87a68ea\"\u003eAVEVA Process Optimization v2025\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\nFor more information, please \nAVEVA\u0027s security bulletin \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.aveva.com/en/support-and-success/cyber-security-updates/\"\u003eAVEVA-2026-001\u003c/a\u003e.\n\n\u003cbr\u003e"
                }
              ],
              "value": "AVEVA recommends users take the following action:\n\n\n\n  *  Update to  AVEVA Process Optimization v2025 https://softwaresupportsp.aveva.com/en-US/downloads/products/details/a643eaa3-0d85-4fde-ac11-5239e87a68ea \n\n\n\n\n\nFor more information, please see \nAVEVA\u0027s security bulletin  AVEVA-2026-001 https://www.aveva.com/en/support-and-success/cyber-security-updates/ ."
            }
          ],
          "source": {
            "advisory": "ICSA-26-015-01",
            "discovery": "EXTERNAL"
          },
          "title": "AVEVA Process Optimization SQL Injection",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eAVEVA alternatively recommends the following actions users can take to mitigate risk:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eApply host and/or network firewall rules restricting the taoimr \nservice to accept traffic only from trusted source(s). By default, AVEVA\n Process Optimization listens on port 8888/8889(TLS). Please refer to \nthe AVEVA Process Optimization Installation Guide for additional details\n on ports configuration.\u003c/li\u003e\n\u003cli\u003eApply ACLs to the installation and data folders, limiting write-access to trusted users only.\u003c/li\u003e\n\u003cli\u003eMaintain a trusted chain-of-custody on Process Optimization project \nfiles during creation, modification, distribution, backups, and use.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eFor more information, please \nAVEVA\u0027s security bulletin \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.aveva.com/en/support-and-success/cyber-security-updates/\"\u003eAVEVA-2026-001\u003c/a\u003e.\u003c/p\u003e\n\n\u003cbr\u003e"
                }
              ],
              "value": "AVEVA alternatively recommends the following actions users can take to mitigate risk:\n\n\n\n  *  Apply host and/or network firewall rules restricting the taoimr \nservice to accept traffic only from trusted source(s). By default, AVEVA\n Process Optimization listens on port 8888/8889(TLS). Please refer to \nthe AVEVA Process Optimization Installation Guide for additional details\n on ports configuration.\n\n  *  Apply ACLs to the installation and data folders, limiting write-access to trusted users only.\n\n  *  Maintain a trusted chain-of-custody on Process Optimization project \nfiles during creation, modification, distribution, backups, and use.\n\n\n\n\nFor more information, please see \nAVEVA\u0027s security bulletin  AVEVA-2026-001 https://www.aveva.com/en/support-and-success/cyber-security-updates/ ."
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.5.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "assignerShortName": "icscert",
        "cveId": "CVE-2025-61943",
        "datePublished": "2026-01-16T00:09:18.629Z",
        "dateReserved": "2025-11-24T18:22:00.776Z",
        "dateUpdated": "2026-01-16T15:06:06.845Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-61937 (GCVE-0-2025-61937)

    Vulnerability from nvd – Published: 2026-01-16 00:04 – Updated: 2026-01-16 15:10
    VLAI
    Title
    AVEVA Process Optimization Code Injection
    Summary
    The vulnerability, if exploited, could allow an unauthenticated miscreant to achieve remote code execution under the OS system privileges of the “taoimr” service, potentially resulting in complete compromise of the model application server.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    AVEVA Process Optimization Affected: 0 , ≤ 2024.1 (custom)
    Credits
    Christopher Wu of Veracode reported these vulnerabilities to AVEVA.

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-61937",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-01-16T15:09:41.593345Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-01-16T15:10:11.404Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Process Optimization",
              "vendor": "AVEVA",
              "versions": [
                {
                  "lessThanOrEqual": "2024.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Christopher Wu of Veracode reported these vulnerabilities to AVEVA."
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "The vulnerability, if exploited, could allow an unauthenticated \nmiscreant to achieve remote code execution under OS system privileges of\n \u201ctaoimr\u201d service, potentially resulting in complete compromise of the\u0026nbsp; model application server."
                }
              ],
              "value": "The vulnerability, if exploited, could allow an unauthenticated \nmiscreant to achieve remote code execution under OS system privileges of\n \u201ctaoimr\u201d service, potentially resulting in complete compromise of the\u00a0 model application server."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 10,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 10,
                "baseSeverity": "CRITICAL",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "HIGH",
                "subConfidentialityImpact": "HIGH",
                "subIntegrityImpact": "HIGH",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-94",
                  "description": "CWE-94",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-01-16T00:04:37.128Z",
            "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
            "shortName": "icscert"
          },
          "references": [
            {
              "url": "https://www.aveva.com/en/support-and-success/cyber-security-updates/"
            },
            {
              "url": "https://softwaresupportsp.aveva.com/en-US/downloads/products/details/a643eaa3-0d85-4fde-ac11-5239e87a68ea"
            },
            {
              "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-015-01"
            },
            {
              "url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-015-01.json"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eAVEVA recommends users take the following action:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate to \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://softwaresupportsp.aveva.com/en-US/downloads/products/details/a643eaa3-0d85-4fde-ac11-5239e87a68ea\"\u003eAVEVA Process Optimization v2025\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\nFor more information, please \nAVEVA\u0027s security bulletin \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.aveva.com/en/support-and-success/cyber-security-updates/\"\u003eAVEVA-2026-001\u003c/a\u003e.\n\n\u003cbr\u003e"
                }
              ],
              "value": "AVEVA recommends users take the following action:\n\n\n\n  *  Update to  AVEVA Process Optimization v2025 https://softwaresupportsp.aveva.com/en-US/downloads/products/details/a643eaa3-0d85-4fde-ac11-5239e87a68ea \n\n\n\n\n\nFor more information, please \nAVEVA\u0027s security bulletin  AVEVA-2026-001 https://www.aveva.com/en/support-and-success/cyber-security-updates/ ."
            }
          ],
          "source": {
            "advisory": "ICSA-26-015-01",
            "discovery": "EXTERNAL"
          },
          "title": "AVEVA Process Optimization Code Injection",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eAVEVA alternatively recommends the following actions users can take to mitigate risk:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eApply host and/or network firewall rules restricting the taoimr \nservice to accept traffic only from trusted source(s). By default, AVEVA\n Process Optimization listens on port 8888/8889(TLS). Please refer to \nthe AVEVA Process Optimization Installation Guide for additional details\n on ports configuration.\u003c/li\u003e\n\u003cli\u003eApply ACLs to the installation and data folders, limiting write-access to trusted users only.\u003c/li\u003e\n\u003cli\u003eMaintain a trusted chain-of-custody on Process Optimization project \nfiles during creation, modification, distribution, backups, and use.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eFor more information, please \nAVEVA\u0027s security bulletin \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.aveva.com/en/support-and-success/cyber-security-updates/\"\u003eAVEVA-2026-001\u003c/a\u003e.\u003c/p\u003e\n\n\u003cbr\u003e"
                }
              ],
              "value": "AVEVA alternatively recommends the following actions users can take to mitigate risk:\n\n\n\n  *  Apply host and/or network firewall rules restricting the taoimr \nservice to accept traffic only from trusted source(s). By default, AVEVA\n Process Optimization listens on port 8888/8889(TLS). Please refer to \nthe AVEVA Process Optimization Installation Guide for additional details\n on ports configuration.\n\n  *  Apply ACLs to the installation and data folders, limiting write-access to trusted users only.\n\n  *  Maintain a trusted chain-of-custody on Process Optimization project \nfiles during creation, modification, distribution, backups, and use.\n\n\n\n\nFor more information, please \nAVEVA\u0027s security bulletin  AVEVA-2026-001 https://www.aveva.com/en/support-and-success/cyber-security-updates/ ."
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.5.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "assignerShortName": "icscert",
        "cveId": "CVE-2025-61937",
        "datePublished": "2026-01-16T00:04:37.128Z",
        "dateReserved": "2025-11-24T18:22:00.744Z",
        "dateUpdated": "2026-01-16T15:10:11.404Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-9317 (GCVE-0-2025-9317)

    Vulnerability from nvd – Published: 2025-11-14 23:49 – Updated: 2025-11-17 16:55
    VLAI
    Title
    AVEVA Edge Use of a Broken or Risky Cryptographic Algorithm
    Summary
    The vulnerability, if exploited, could allow a miscreant with read access to Edge Project files or Edge Offline Cache files to reverse engineer Edge users' app-native or Active Directory passwords through computational brute-forcing of weak hashes.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    AVEVA Edge Affected: 0 , ≤ Versions 2023 R2 (custom)
    Credits
    Joao Varelas reported this vulnerability to AVEVA.

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-9317",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-11-17T16:55:08.051296Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-11-17T16:55:20.081Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Edge",
              "vendor": "AVEVA",
              "versions": [
                {
                  "lessThanOrEqual": "Versions 2023 R2",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Joao Varelas reported this vulnerability to AVEVA."
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "The vulnerability, if exploited, could allow a miscreant with read \naccess to Edge Project files or Edge Offline Cache files to reverse \nengineer Edge users\u0027 app-native or Active Directory passwords through \ncomputational brute-forcing of weak hashes."
                }
              ],
              "value": "The vulnerability, if exploited, could allow a miscreant with read \naccess to Edge Project files or Edge Offline Cache files to reverse \nengineer Edge users\u0027 app-native or Active Directory passwords through \ncomputational brute-forcing of weak hashes."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 8.4,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "LOCAL",
                "baseScore": 8.3,
                "baseSeverity": "HIGH",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "LOW",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "HIGH",
                "subIntegrityImpact": "HIGH",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:H/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "NONE",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-327",
                  "description": "CWE-327",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-11-14T23:49:27.149Z",
            "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
            "shortName": "icscert"
          },
          "references": [
            {
              "url": "https://www.aveva.com/content/dam/aveva/documents/support/cyber-security-updates/SecurityBulletin_AVEVA-2025-006.pdf"
            },
            {
              "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-317-03"
            },
            {
              "url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2025/icsa-25-317-03.json"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eAVEVA recommends that organizations evaluate the impact of this \nvulnerability based on their operational environment, architecture, and \nproduct implementation.\u003c/p\u003e\n\u003cp\u003eUsers using the affected product versions should take the following actions to mitigate the risk of exploit:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eApply AVEVA Edge \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://softwaresupportsp.aveva.com/en-US/downloads/products/details/38f52447-3013-4c4e-be6e-9b28b635bba9\"\u003e2023 R2 P01\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e\u003cli\u003e Security Update and migrate old project files.\u003c/li\u003e\n\u003cli\u003eFor projects that cannot be migrated (e.g. backups or transient \ncopies), evaluate the risk of potential password leakage from these \nfiles and implement stricter read access controls to protect these \nunsafe files.\u003c/li\u003e\n\u003cli\u003eRequire AVEVA Edge users to change their passwords.\u003c/li\u003e\n\u003cli\u003eImportant: Edge project migration from older versions to 2023 R2 P01\n is one-way due to the change in password hashing algorithms.\u003c/li\u003e\u003cli\u003e\u003cbr\u003e\u003c/li\u003e\nFor information on how to reach AVEVA support for your product, please refer to this link: \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.aveva.com/en/support/support-contact/\"\u003eAVEVA Customer Support\u003c/a\u003e.\u003cp\u003eFor more information, see AVEVA\u0027s Security Bulletin \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.aveva.com/content/dam/aveva/documents/support/cyber-security-updates/SecurityBulletin_AVEVA-2025-006.pdf\"\u003eAVEVA-2025-006\u003c/a\u003e\u0026nbsp;or AVEVA\u0027s \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.aveva.com/en/support-and-success/cyber-security-updates/\"\u003ebulletins page\u003c/a\u003e.\n\n\u003cbr\u003e\u003c/p\u003e"
                }
              ],
              "value": "AVEVA recommends that organizations evaluate the impact of this \nvulnerability based on their operational environment, architecture, and \nproduct implementation.\n\n\nUsers using the affected product versions should take the following actions to mitigate the risk of exploit:\n\n\n\n  *  Apply AVEVA Edge  2023 R2 P01 https://softwaresupportsp.aveva.com/en-US/downloads/products/details/38f52447-3013-4c4e-be6e-9b28b635bba9 \n\n\n  *   Security Update and migrate old project files.\n\n  *  For projects that cannot be migrated (e.g. backups or transient \ncopies), evaluate the risk of potential password leakage from these \nfiles and implement stricter read access controls to protect these \nunsafe files.\n\n  *  Require AVEVA Edge users to change their passwords.\n\n  *  Important: Edge project migration from older versions to 2023 R2 P01\n is one-way due to the change in password hashing algorithms.\n  *  \n\n\nFor information on how to reach AVEVA support for your product, please refer to this link:  AVEVA Customer Support https://www.aveva.com/en/support/support-contact/ .For more information, see AVEVA\u0027s Security Bulletin  AVEVA-2025-006 https://www.aveva.com/content/dam/aveva/documents/support/cyber-security-updates/SecurityBulletin_AVEVA-2025-006.pdf \u00a0or AVEVA\u0027s  bulletins page https://www.aveva.com/en/support-and-success/cyber-security-updates/ ."
            }
          ],
          "source": {
            "advisory": "ICSA-25-317-03",
            "discovery": "EXTERNAL"
          },
          "title": "AVEVA Edge Use of a Broken or Risky Cryptographic Algorithm",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eThe following general defensive measures are recommended:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAccess Control Lists should be applied to all folders where users will save and load project files.\u003c/li\u003e\n\u003cli\u003eMaintain a trusted chain-of-custody on project files during creation, modification, distribution, and use.\u003c/li\u003e\n\u003cli\u003eApply data-protection at the project level with a strong master \npassword. For configuration step-by-step refer to AVEVA Edge \"Technical \nReference Manual\" \u0026gt; Project Overview \u0026gt; Configuring Additional \nProject Settings \u0026gt; Options Tab \u0026gt; Data Protection.\u003c/li\u003e\n\u003cli\u003eIf passwords are being used as function parameters inside project \ndocuments (such as scripts or worksheets), it is recommended to remove \nthose passwords and use project tags instead. For more information on \ntags refer to AVEVA Edge \"Technical Reference Manual\" \u0026gt; Tags and the \nTag Database \u0026gt; About Tags and the Project Database.\u003c/li\u003e\n\u003c/ul\u003e\u003cp\u003eFor information on how to reach AVEVA support for your product, please refer to this link: \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.aveva.com/en/support/support-contact/\"\u003eAVEVA Customer Support\u003c/a\u003e\u0026nbsp;.\u003c/p\u003e\u003cp\u003eFor more information, see AVEVA\u0027s Security Bulletin \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.aveva.com/content/dam/aveva/documents/support/cyber-security-updates/SecurityBulletin_AVEVA-2025-006.pdf\"\u003eAVEVA-2025-006\u003c/a\u003e\u0026nbsp;or AVEVA\u0027s \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.aveva.com/en/support-and-success/cyber-security-updates/\"\u003ebulletins page\u003c/a\u003e.\n\n\u003cbr\u003e\u003c/p\u003e"
                }
              ],
              "value": "The following general defensive measures are recommended:\n\n\n\n  *  Access Control Lists should be applied to all folders where users will save and load project files.\n\n  *  Maintain a trusted chain-of-custody on project files during creation, modification, distribution, and use.\n\n  *  Apply data-protection at the project level with a strong master \npassword. For configuration step-by-step refer to AVEVA Edge \"Technical \nReference Manual\" \u003e Project Overview \u003e Configuring Additional \nProject Settings \u003e Options Tab \u003e Data Protection.\n\n  *  If passwords are being used as function parameters inside project \ndocuments (such as scripts or worksheets), it is recommended to remove \nthose passwords and use project tags instead. For more information on \ntags refer to AVEVA Edge \"Technical Reference Manual\" \u003e Tags and the \nTag Database \u003e About Tags and the Project Database.\n\n\n\nFor information on how to reach AVEVA support for your product, please refer to this link:  AVEVA Customer Support https://www.aveva.com/en/support/support-contact/ \u00a0.\n\nFor more information, see AVEVA\u0027s Security Bulletin  AVEVA-2025-006 https://www.aveva.com/content/dam/aveva/documents/support/cyber-security-updates/SecurityBulletin_AVEVA-2025-006.pdf \u00a0or AVEVA\u0027s  bulletins page https://www.aveva.com/en/support-and-success/cyber-security-updates/ ."
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.5.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "assignerShortName": "icscert",
        "cveId": "CVE-2025-9317",
        "datePublished": "2025-11-14T23:49:27.149Z",
        "dateReserved": "2025-08-21T12:45:22.693Z",
        "dateUpdated": "2025-11-17T16:55:20.081Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-8386 (GCVE-0-2025-8386)

    Vulnerability from nvd – Published: 2025-11-14 23:57 – Updated: 2025-11-17 16:56
    VLAI
    Title
    AVEVA Application Server IDE Basic Cross-site Scripting
    Summary
    The vulnerability, if exploited, could allow an authenticated miscreant (with privilege of "aaConfigTools") to tamper with App Objects' help files and persist a cross-site scripting (XSS) injection that when executed by a victim user, can result in horizontal or vertical escalation of privileges. The vulnerability can only be exploited during config-time operations within the IDE component of Application Server. Run-time components and operations are not affected.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    AVEVA Application Server Affected: 0 , ≤ Versions 2023 R2 SP1 P02 (custom)
    Credits
    AVEVA reported this vulnerability to CISA.

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-8386",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-11-17T16:55:50.026475Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-11-17T16:56:00.107Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Application Server",
              "vendor": "AVEVA",
              "versions": [
                {
                  "lessThanOrEqual": "Versions 2023 R2 SP1 P02",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "AVEVA reported this vulnerability to CISA."
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "The vulnerability, if exploited, could allow an authenticated miscreant \n(with privilege of \"aaConfigTools\") to tamper with App Objects\u0027 help \nfiles and persist a cross-site scripting (XSS) injection that when \nexecuted by a victim user, can result in horizontal or vertical \nescalation of privileges. The vulnerability can only be exploited during\n config-time operations within the IDE component of Application Server. \nRun-time components and operations are not affected."
                }
              ],
              "value": "The vulnerability, if exploited, could allow an authenticated miscreant \n(with privilege of \"aaConfigTools\") to tamper with App Objects\u0027 help \nfiles and persist a cross-site scripting (XSS) injection that when \nexecuted by a victim user, can result in horizontal or vertical \nescalation of privileges. The vulnerability can only be exploited during\n config-time operations within the IDE component of Application Server. \nRun-time components and operations are not affected."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "LOW",
                "baseScore": 6.9,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "LOW",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:L/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "LOCAL",
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "HIGH",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "HIGH",
                "subConfidentialityImpact": "HIGH",
                "subIntegrityImpact": "HIGH",
                "userInteraction": "PASSIVE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:P/VC:H/VI:L/VA:L/SC:H/SI:H/SA:H",
                "version": "4.0",
                "vulnAvailabilityImpact": "LOW",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "LOW",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-80",
                  "description": "CWE-80",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-11-14T23:57:04.396Z",
            "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
            "shortName": "icscert"
          },
          "references": [
            {
              "url": "https://www.aveva.com/content/dam/aveva/documents/support/cyber-security-updates/SecurityBulletin-AVEVA-2025-005.pdf"
            },
            {
              "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-317-02"
            },
            {
              "url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2025/icsa-25-317-02.json"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eAVEVA recommends that organizations evaluate the impact of these \nvulnerabilities based on their operational environment, architecture, \nand product implementation. Users using affected product versions should\n apply security updates to mitigate the risk of exploit.\u003c/p\u003e\u003cp\u003eAll affected versions of the Application Server IDE can be fixed by upgrading to AVEVA System Platform \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://softwaresupportsp.aveva.com/en-US/downloads/products/details/d32b2534-9601-4beb-ac78-046ca2ef594d\"\u003e2023 R2 SP1 P03\u003c/a\u003e\u0026nbsp;or higher.\u003c/p\u003e\n\u003cp\u003eThe following general defensive measures are recommended:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAudit assigned permissions to ensure that only trusted users are \nadded to the \"aaConfigTools\" OS Group. For additional information on \nApplication Server OS Security groups and accounts, see \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://docs.aveva.com/bundle/sp-install/page/738031.html\"\u003ehttps://docs.aveva.com/bundle/sp-install/page/738031.html\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003eFor more information, see AVEVA\u0027s Security Bulletin \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.aveva.com/content/dam/aveva/documents/support/cyber-security-updates/SecurityBulletin_AVEVA-2025-005.pdf\"\u003eAVEVA-2025-005\u003c/a\u003e or AVEVA\u0027s \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.aveva.com/en/support-and-success/cyber-security-updates/\"\u003ebulletins page\u003c/a\u003e.\n\n\u003cbr\u003e"
                }
              ],
              "value": "AVEVA recommends that organizations evaluate the impact of these \nvulnerabilities based on their operational environment, architecture, \nand product implementation. Users using affected product versions should\n apply security updates to mitigate the risk of exploit.\n\nAll affected versions of the Application Server IDE can be fixed by upgrading to AVEVA System Platform  2023 R2 SP1 P03 https://softwaresupportsp.aveva.com/en-US/downloads/products/details/d32b2534-9601-4beb-ac78-046ca2ef594d \u00a0or higher.\n\n\nThe following general defensive measures are recommended:\n\n\n\n  *  Audit assigned permissions to ensure that only trusted users are \nadded to the \"aaConfigTools\" OS Group. For additional information on \nApplication Server OS Security groups and accounts, see  https://docs.aveva.com/bundle/sp-install/page/738031.html \n\n\nFor more information, see AVEVA\u0027s Security Bulletin  AVEVA-2025-005 https://www.aveva.com/content/dam/aveva/documents/support/cyber-security-updates/SecurityBulletin_AVEVA-2025-005.pdf  or AVEVA\u0027s  bulletins page https://www.aveva.com/en/support-and-success/cyber-security-updates/ ."
            }
          ],
          "source": {
            "advisory": "ICSA-25-317-02",
            "discovery": "INTERNAL"
          },
          "title": "AVEVA Application Server IDE Basic Cross-site Scripting",
          "x_generator": {
            "engine": "Vulnogram 0.5.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "assignerShortName": "icscert",
        "cveId": "CVE-2025-8386",
        "datePublished": "2025-11-14T23:57:04.396Z",
        "dateReserved": "2025-07-30T18:49:26.187Z",
        "dateUpdated": "2025-11-17T16:56:00.107Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-5387 (GCVE-0-2026-5387)

    Vulnerability from cvelistv5 – Published: 2026-04-15 15:24 – Updated: 2026-04-15 17:38
    Title
    AVEVA Pipeline Simulation Missing Authorization
    Summary
    The vulnerability, if exploited, could allow an unauthenticated miscreant to perform operations intended only for Simulator Instructor or Simulator Developer (Administrator) roles, resulting in privilege escalation with potential for modification of simulation parameters, training configuration, and training records.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    AVEVA Pipeline Simulation 2025 Affected: 0 , ≤ 2025 SP1 (build 7.1.9497.6351) (custom)

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-5387",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-04-15T17:38:40.210058Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-04-15T17:38:50.678Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Pipeline Simulation 2025",
              "vendor": "AVEVA",
              "versions": [
                {
                  "lessThanOrEqual": "2025 SP1 (build 7.1.9497.6351)",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "The vulnerability, if exploited, could allow an unauthenticated miscreant to perform operations\u0026nbsp;intended only for Simulator Instructor or Simulator Developer (Administrator) roles, resulting in privilege escalation with potential for modification of simulation parameters, training configuration, and training records."
                }
              ],
              "value": "The vulnerability, if exploited, could allow an unauthenticated miscreant to perform operations\u00a0intended only for Simulator Instructor or Simulator Developer (Administrator) roles, resulting in privilege escalation with potential for modification of simulation parameters, training configuration, and training records."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 9.3,
                "baseSeverity": "CRITICAL",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-862",
                  "description": "CWE-862",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-15T15:24:15.623Z",
            "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
            "shortName": "icscert"
          },
          "references": [
            {
              "url": "https://www.aveva.com/content/dam/aveva/documents/support/cyber-security-updates/SecurityBulletin_AVEVA-2026-004.pdf"
            },
            {
              "url": "https://softwaresupportsp.aveva.com/en-US/downloads/products/details/57b79fdb-7b5f-4125-8a44-833b6b5c6d6f"
            },
            {
              "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-106-04"
            },
            {
              "url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-106-04.json"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "All affected versions can be fixed by upgrading to AVEVA Pipeline Simulation 2025 SP1 P01 (build 7.1.9580.8513) or higher:\u003cbr\u003ehttps://softwaresupportsp.aveva.com/en-US/downloads/products/details/57b79fdb-7b5f-4125-8a44-833b6b5c6d6f"
                }
              ],
              "value": "All affected versions can be fixed by upgrading to AVEVA Pipeline Simulation 2025 SP1 P01 (build 7.1.9580.8513) or higher:\nhttps://softwaresupportsp.aveva.com/en-US/downloads/products/details/57b79fdb-7b5f-4125-8a44-833b6b5c6d6f"
            }
          ],
          "source": {
            "advisory": "ICSA-26-106-04, AVEVA-2026-004",
            "discovery": "INTERNAL"
          },
          "title": "AVEVA Pipeline Simulation Missing Authorization",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "AVEVA recommends that organizations evaluate the impact of these vulnerabilities based on their\u0026nbsp;operational environment, architecture, and product implementation. Customers using affected product versions should apply security updates to mitigate the risk of exploit."
                }
              ],
              "value": "AVEVA recommends that organizations evaluate the impact of these vulnerabilities based on their\u00a0operational environment, architecture, and product implementation. Customers using affected product versions should apply security updates to mitigate the risk of exploit."
            },
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "The following general defensive measures are recommended:\u003cbr\u003e\u2022 Restrict Network Access: Implement host-based and/or network firewall controls on all nodes hosting the Pipeline Simulation Server API to ensure that only trusted Pipeline Simulation client systems are permitted to establish connections.\u003cbr\u003e\u2022 Enforce Secure Communication: Enable TLS for all API communications and ensure that server certificates are properly managed and protected to reduce the risk of manipulator-in-the-middle (MitM) attacks and tampering with data in transit."
                }
              ],
              "value": "The following general defensive measures are recommended:\n\u2022 Restrict Network Access: Implement host-based and/or network firewall controls on all nodes hosting the Pipeline Simulation Server API to ensure that only trusted Pipeline Simulation client systems are permitted to establish connections.\n\u2022 Enforce Secure Communication: Enable TLS for all API communications and ensure that server certificates are properly managed and protected to reduce the risk of manipulator-in-the-middle (MitM) attacks and tampering with data in transit."
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 1.0.1"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "assignerShortName": "icscert",
        "cveId": "CVE-2026-5387",
        "datePublished": "2026-04-15T15:24:15.623Z",
        "dateReserved": "2026-04-01T21:04:13.517Z",
        "dateUpdated": "2026-04-15T17:38:50.678Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-1507 (GCVE-0-2026-1507)

    Vulnerability from cvelistv5 – Published: 2026-02-10 20:19 – Updated: 2026-02-12 18:47
    Title
    Uncaught Exception vulnerability in AVEVA PI Data Archive
    Summary
    The affected products are vulnerable to an uncaught exception that could allow an unauthenticated attacker to remotely crash core PI services resulting in a denial-of-service.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    Impacted products
    Vendor Product Version
    AVEVA PI Data Archive PI Server Affected: 0 , ≤ 2018_SP3_Patch_7 (custom)
    Date Public
    2026-02-10 19:00

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-1507",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-02-12T18:46:57.197406Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-12T18:47:05.938Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "PI Data Archive PI Server",
              "vendor": "AVEVA",
              "versions": [
                {
                  "lessThanOrEqual": "2018_SP3_Patch_7",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "datePublic": "2026-02-10T19:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eThe affected products are vulnerable to an uncaught exception that could allow an unauthenticated attacker to remotely crash core PI services resulting in a denial-of-service.\u003c/span\u003e"
                }
              ],
              "value": "The affected products are vulnerable to an uncaught exception that could allow an unauthenticated attacker to remotely crash core PI services resulting in a denial-of-service."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 8.7,
                "baseSeverity": "HIGH",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "NONE",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-248",
                  "description": "CWE-248 Uncaught Exception",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-02-10T20:19:18.886Z",
            "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
            "shortName": "icscert"
          },
          "references": [
            {
              "tags": [
                "government-resource"
              ],
              "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-041-03"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eAVEVA recommends that organizations evaluate the impact of this vulnerability based on their operational environment, architecture, and product implementation. Users of affected product versions should apply security updates to mitigate the risk of exploit.\u003c/p\u003e\u003cp\u003eAll impacted versions of PI Data Archive can be fixed by upgrading to PI Server 2024 R2 or later available here: \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://softwaresupportsp.aveva.com/en-US/downloads/products/details/8c9b0e8c-eb68-481f-b420-c87a253a4172\"\u003ehttps://softwaresupportsp.aveva.com/en-US/downloads/products/details/8c9b0e8c-eb68-481f-b420-c87a253a4172\u003c/a\u003e.\u003c/p\u003e\u003cp\u003ePI Data Archive delivered by PI Server 2018 SP3 Patch 7 and prior can be fixed by upgrading to PI Server 2018 SP3 Patch 8 or higher available here: \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://softwaresupportsp.aveva.com/en-US/downloads/products/details/79492560-7e4c-4800-8bd7-40cce61a17d2\"\u003ehttps://softwaresupportsp.aveva.com/en-US/downloads/products/details/79492560-7e4c-4800-8bd7-40cce61a17d2\u003c/a\u003e.\u003c/p\u003e\u003cp\u003eThe following general defensive measures are recommended: * Monitor liveness of services listed in your installation\u2019s \u201c\\PI\\adm\\pisrvstart.bat\u201d. * Set the PI Data Archive Subsystem services to automatically restart. 
* PI Data Archive nodes should limit port 5450 inbound access to trusted workstations, users, and software.\u003c/p\u003e\u003cp\u003eFor additional information please refer to AVEVA-2026-002(\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.aveva.com/content/dam/aveva/documents/support/cyber-security-updates/SecurityBulletin_AVEVA-2026-002.pdf)\"\u003ehttps://www.aveva.com/content/dam/aveva/documents/support/cyber-security-updates/SecurityBulletin_AV...\u003c/a\u003e.\u003c/span\u003e\n\n\u003c/p\u003e"
                }
              ],
              "value": "AVEVA recommends that organizations evaluate the impact of this vulnerability based on their operational environment, architecture, and product implementation. Users of affected product versions should apply security updates to mitigate the risk of exploit.\n\nAll impacted versions of PI Data Archive can be fixed by upgrading to PI Server 2024 R2 or later available here:  https://softwaresupportsp.aveva.com/en-US/downloads/products/details/8c9b0e8c-eb68-481f-b420-c87a253a4172 .\n\nPI Data Archive delivered by PI Server 2018 SP3 Patch 7 and prior can be fixed by upgrading to PI Server 2018 SP3 Patch 8 or higher available here:  https://softwaresupportsp.aveva.com/en-US/downloads/products/details/79492560-7e4c-4800-8bd7-40cce61a17d2 .\n\nThe following general defensive measures are recommended: * Monitor liveness of services listed in your installation\u2019s \u201c\\PI\\adm\\pisrvstart.bat\u201d. * Set the PI Data Archive Subsystem services to automatically restart. * PI Data Archive nodes should limit port 5450 inbound access to trusted workstations, users, and software.\n\nFor additional information please refer to AVEVA-2026-002(\n\n https://www.aveva.com/content/dam/aveva/documents/support/cyber-security-updates/SecurityBulletin_AV... https://www.aveva.com/content/dam/aveva/documents/support/cyber-security-updates/SecurityBulletin_AVEVA-2026-002.pdf) ."
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Uncaught Exception vulnerability in AVEVA PI Data Archive",
          "x_generator": {
            "engine": "Vulnogram 0.5.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "assignerShortName": "icscert",
        "cveId": "CVE-2026-1507",
        "datePublished": "2026-02-10T20:19:18.886Z",
        "dateReserved": "2026-01-27T20:22:05.820Z",
        "dateUpdated": "2026-02-12T18:47:05.938Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-1495 (GCVE-0-2026-1495)

    Vulnerability from cvelistv5 – Published: 2026-02-10 20:18 – Updated: 2026-02-12 18:46
    Title
    Insertion of Sensitive Information into Log File vulnerability in AVEVA PI to CONNECT Agent
    Summary
    The vulnerability, if exploited, could allow an attacker with Event Log Reader (S-1-5-32-573) privileges to obtain proxy details, including URL and proxy credentials, from the PI to CONNECT event log files. This could enable unauthorized access to the proxy server.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-532 - Insertion of Sensitive Information into Log File
    Assigner
    References
    Impacted products
    Vendor Product Version
    AVEVA PI to CONNECT Agent Affected: 0 , ≤ Version v2.4.2520 (custom)
    Date Public
    2026-02-10 19:00

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-1495",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-02-12T18:46:32.294842Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-12T18:46:41.102Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "PI to CONNECT Agent",
              "vendor": "AVEVA",
              "versions": [
                {
                  "lessThanOrEqual": "Version v2.4.2520",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "datePublic": "2026-02-10T19:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eThe vulnerability, if exploited, could allow an attacker with Event Log Reader (S-1-5-32-573) privileges to obtain proxy details, including URL and proxy credentials, from the PI to CONNECT event log files. This could enable unauthorized access to the proxy server.\u003c/span\u003e\n\n\u003c/span\u003e"
                }
              ],
              "value": "The vulnerability, if exploited, could allow an attacker with Event Log Reader (S-1-5-32-573) privileges to obtain proxy details, including URL and proxy credentials, from the PI to CONNECT event log files. This could enable unauthorized access to the proxy server."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "PRESENT",
                "attackVector": "LOCAL",
                "baseScore": 5.7,
                "baseSeverity": "MEDIUM",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "LOW",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "LOW",
                "subConfidentialityImpact": "LOW",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:L/SI:N/SA:L",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "NONE",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-532",
                  "description": "CWE-532 Insertion of Sensitive Information into Log File",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-02-10T20:18:10.844Z",
            "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
            "shortName": "icscert"
          },
          "references": [
            {
              "tags": [
                "government-resource"
              ],
              "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-041-04"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003e\u003c/p\u003e\n\n\u003cp\u003eAVEVA recommends that organizations evaluate the impact of this vulnerability based on their operational environment, architecture, and product implementation.\u0026nbsp;\u003c/p\u003e\u003cp\u003e* Users of affected product versions should apply security updates to mitigate the risk of proxy details exposure in newly generated PI to CONNECT Agent event logs.\u0026nbsp;\u003c/p\u003e\u003cp\u003e* Users who have used affected product versions, should review existing PI to CONNECT Agent event logs (live/backups/copies) for exposed proxy connection details and consider purging the sensitive data from logs and/or configuring new credentials for access to the proxy service.\u003c/p\u003e\u003cp\u003eThe following general defensive measures are recommended:\u0026nbsp;\u003c/p\u003e\u003cp\u003e* Remove use of plain text passwords in proxy URLs. Alternatively, if passwords are required by the proxy, then use least-privilege credentials.\u0026nbsp;\u003c/p\u003e\u003cp\u003e* Ensure only trusted users are given Event Log Reader (S-1-5-32-573) privileges on hosts where PI to CONNECT is installed.\u0026nbsp;\u003c/p\u003e\u003cp\u003e* Review existing PI to CONNECT event logs (live/backups/copies) for exposed proxy connection details and consider purging the sensitive data from logs and/or configuring new credentials for access to the proxy service.\u003c/p\u003e\u003cp\u003eAll affected versions can be fixed by upgrading to PI to CONNECT Agent v2.5.2790 or higher. 
The latest version of the agent can be downloaded from the CONNECT Data Services Portal here: \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://datahub.connect.aveva.com/\"\u003ehttps://datahub.connect.aveva.com/\u003c/a\u003e.\u003c/p\u003e\u003cp\u003eFor additional information please refer to AVEVA-2026-003 \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.aveva.com/content/dam/aveva/documents/support/cyber-security-updates/SecurityBulletin_AVEVA-2026-003.pdf\"\u003ehttps://www.aveva.com/content/dam/aveva/documents/support/cyber-security-updates/SecurityBulletin_AVEVA-2026-003.pdf\u003c/a\u003e.\u003c/p\u003e\n\n\u003cp\u003e\n\n\u003c/p\u003e"
                }
              ],
              "value": "AVEVA recommends that organizations evaluate the impact of this vulnerability based on their operational environment, architecture, and product implementation.\u00a0\n\n* Users of affected product versions should apply security updates to mitigate the risk of proxy details exposure in newly generated PI to CONNECT Agent event logs.\u00a0\n\n* Users who have used affected product versions, should review existing PI to CONNECT Agent event logs (live/backups/copies) for exposed proxy connection details and consider purging the sensitive data from logs and/or configuring new credentials for access to the proxy service.\n\nThe following general defensive measures are recommended:\u00a0\n\n* Remove use of plain text passwords in proxy URLs. Alternatively, if passwords are required by the proxy, then use least-privilege credentials.\u00a0\n\n* Ensure only trusted users are given Event Log Reader (S-1-5-32-573) privileges on hosts where PI to CONNECT is installed.\u00a0\n\n* Review existing PI to CONNECT event logs (live/backups/copies) for exposed proxy connection details and consider purging the sensitive data from logs and/or configuring new credentials for access to the proxy service.\n\nAll affected versions can be fixed by upgrading to PI to CONNECT Agent v2.5.2790 or higher. The latest version of the agent can be downloaded from the CONNECT Data Services Portal here: https://datahub.connect.aveva.com/ .\n\nFor additional information please refer to AVEVA-2026-003 https://www.aveva.com/content/dam/aveva/documents/support/cyber-security-updates/SecurityBulletin_AVEVA-2026-003.pdf ."
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Insertion of Sensitive Information into Log File vulnerability in AVEVA PI to CONNECT Agent",
          "x_generator": {
            "engine": "Vulnogram 0.5.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "assignerShortName": "icscert",
        "cveId": "CVE-2026-1495",
        "datePublished": "2026-02-10T20:18:10.844Z",
        "dateReserved": "2026-01-27T15:52:30.419Z",
        "dateUpdated": "2026-02-12T18:46:41.102Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-64769 (GCVE-0-2025-64769)

    Vulnerability from cvelistv5 – Published: 2026-01-16 00:16 – Updated: 2026-01-16 14:52
    Title
    AVEVA Process Optimization Cleartext Transmission of Sensitive Information
    Summary
    The Process Optimization application suite leverages connection channels/protocols that by-default are not encrypted and could become subject to hijacking or data leakage in certain man-in-the-middle or passive inspection scenarios.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    AVEVA Process Optimization Affected: 0 , ≤ 2024.1 (custom)
    Credits
    Christopher Wu of Veracode reported these vulnerabilities to AVEVA.

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-64769",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-01-16T14:52:23.223478Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-01-16T14:52:30.496Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Process Optimization",
              "vendor": "AVEVA",
              "versions": [
                {
                  "lessThanOrEqual": "2024.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Christopher Wu of Veracode reported these vulnerabilities to AVEVA."
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "The Process Optimization application suite leverages connection \nchannels/protocols that by-default are not encrypted and could become \nsubject to hijacking or data leakage in certain man-in-the-middle or \npassive inspection scenarios."
                }
              ],
              "value": "The Process Optimization application suite leverages connection \nchannels/protocols that by-default are not encrypted and could become \nsubject to hijacking or data leakage in certain man-in-the-middle or \npassive inspection scenarios."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "ADJACENT_NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 7.1,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "HIGH",
                "attackRequirements": "NONE",
                "attackVector": "ADJACENT",
                "baseScore": 7.6,
                "baseSeverity": "HIGH",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:A/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "LOW",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-319",
                  "description": "CWE-319",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-01-16T00:16:48.949Z",
            "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
            "shortName": "icscert"
          },
          "references": [
            {
              "url": "https://www.aveva.com/en/support-and-success/cyber-security-updates/"
            },
            {
              "url": "https://softwaresupportsp.aveva.com/en-US/downloads/products/details/a643eaa3-0d85-4fde-ac11-5239e87a68ea"
            },
            {
              "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-015-01"
            },
            {
              "url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-015-01.json"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eAVEVA recommends users take the following action:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate to \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://softwaresupportsp.aveva.com/en-US/downloads/products/details/a643eaa3-0d85-4fde-ac11-5239e87a68ea\"\u003eAVEVA Process Optimization v2025\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\nFor more information, please \nAVEVA\u0027s security bulletin \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.aveva.com/en/support-and-success/cyber-security-updates/\"\u003eAVEVA-2026-001\u003c/a\u003e.\n\n\u003cbr\u003e"
                }
              ],
              "value": "AVEVA recommends users take the following action:\n\n\n\n  *  Update to  AVEVA Process Optimization v2025 https://softwaresupportsp.aveva.com/en-US/downloads/products/details/a643eaa3-0d85-4fde-ac11-5239e87a68ea \n\n\n\n\n\nFor more information, please see \nAVEVA\u0027s security bulletin  AVEVA-2026-001 https://www.aveva.com/en/support-and-success/cyber-security-updates/ ."
            }
          ],
          "source": {
            "advisory": "ICSA-26-015-01",
            "discovery": "EXTERNAL"
          },
          "title": "AVEVA Process Optimization Cleartext Transmission of Sensitive Information",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eAVEVA alternatively recommends the following actions users can take to mitigate risk:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eApply host and/or network firewall rules restricting the taoimr \nservice to accept traffic only from trusted source(s). By default, AVEVA\n Process Optimization listens on port 8888/8889(TLS). Please refer to \nthe AVEVA Process Optimization Installation Guide for additional details\n on ports configuration.\u003c/li\u003e\n\u003cli\u003eApply ACLs to the installation and data folders, limiting write-access to trusted users only.\u003c/li\u003e\n\u003cli\u003eMaintain a trusted chain-of-custody on Process Optimization project \nfiles during creation, modification, distribution, backups, and use.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eFor more information, please \nAVEVA\u0027s security bulletin \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.aveva.com/en/support-and-success/cyber-security-updates/\"\u003eAVEVA-2026-001\u003c/a\u003e.\u003c/p\u003e\n\n\u003cbr\u003e"
                }
              ],
              "value": "AVEVA alternatively recommends the following actions users can take to mitigate risk:\n\n\n\n  *  Apply host and/or network firewall rules restricting the taoimr \nservice to accept traffic only from trusted source(s). By default, AVEVA\n Process Optimization listens on port 8888/8889(TLS). Please refer to \nthe AVEVA Process Optimization Installation Guide for additional details\n on ports configuration.\n\n  *  Apply ACLs to the installation and data folders, limiting write-access to trusted users only.\n\n  *  Maintain a trusted chain-of-custody on Process Optimization project \nfiles during creation, modification, distribution, backups, and use.\n\n\n\n\nFor more information, please see \nAVEVA\u0027s security bulletin  AVEVA-2026-001 https://www.aveva.com/en/support-and-success/cyber-security-updates/ ."
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.5.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "assignerShortName": "icscert",
        "cveId": "CVE-2025-64769",
        "datePublished": "2026-01-16T00:16:48.949Z",
        "dateReserved": "2025-11-24T18:22:00.813Z",
        "dateUpdated": "2026-01-16T14:52:30.496Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-65117 (GCVE-0-2025-65117)

    Vulnerability from cvelistv5 – Published: 2026-01-16 00:14 – Updated: 2026-01-16 14:53
    Title
    AVEVA Process Optimization Use of Potentially Dangerous Function
    Summary
    The vulnerability, if exploited, could allow an authenticated miscreant (Process Optimization Designer User) to embed OLE objects into graphics, and escalate their privileges to the identity of a victim user who subsequently interacts with the graphical elements.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    AVEVA Process Optimization Affected: 0 , ≤ 2024.1 (custom)
    Credits
    Christopher Wu of Veracode reported these vulnerabilities to AVEVA.

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-65117",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-01-16T14:53:07.205216Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-01-16T14:53:13.050Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Process Optimization",
              "vendor": "AVEVA",
              "versions": [
                {
                  "lessThanOrEqual": "2024.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Christopher Wu of Veracode reported these vulnerabilities to AVEVA."
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "The vulnerability, if exploited, could allow an authenticated miscreant \n(Process Optimization Designer User) to embed OLE objects into graphics,\n and escalate their privileges to the identity of a victim user who \nsubsequently interacts with the graphical elements."
                }
              ],
              "value": "The vulnerability, if exploited, could allow an authenticated miscreant \n(Process Optimization Designer User) to embed OLE objects into graphics,\n and escalate their privileges to the identity of a victim user who \nsubsequently interacts with the graphical elements."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 7.4,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "LOCAL",
                "baseScore": 8.5,
                "baseSeverity": "HIGH",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "HIGH",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "HIGH",
                "subConfidentialityImpact": "HIGH",
                "subIntegrityImpact": "HIGH",
                "userInteraction": "PASSIVE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:P/VC:H/VI:H/VA:N/SC:H/SI:H/SA:H",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-676",
                  "description": "CWE-676",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-01-16T00:14:27.567Z",
            "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
            "shortName": "icscert"
          },
          "references": [
            {
              "url": "https://www.aveva.com/en/support-and-success/cyber-security-updates/"
            },
            {
              "url": "https://softwaresupportsp.aveva.com/en-US/downloads/products/details/a643eaa3-0d85-4fde-ac11-5239e87a68ea"
            },
            {
              "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-015-01"
            },
            {
              "url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-015-01.json"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eAVEVA recommends users take the following action:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate to \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://softwaresupportsp.aveva.com/en-US/downloads/products/details/a643eaa3-0d85-4fde-ac11-5239e87a68ea\"\u003eAVEVA Process Optimization v2025\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\nFor more information, please \nAVEVA\u0027s security bulletin \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.aveva.com/en/support-and-success/cyber-security-updates/\"\u003eAVEVA-2026-001\u003c/a\u003e.\n\n\u003cbr\u003e"
                }
              ],
              "value": "AVEVA recommends users take the following action:\n\n\n\n  *  Update to  AVEVA Process Optimization v2025 https://softwaresupportsp.aveva.com/en-US/downloads/products/details/a643eaa3-0d85-4fde-ac11-5239e87a68ea \n\n\n\n\n\nFor more information, please see \nAVEVA\u0027s security bulletin  AVEVA-2026-001 https://www.aveva.com/en/support-and-success/cyber-security-updates/ ."
            }
          ],
          "source": {
            "advisory": "ICSA-26-015-01",
            "discovery": "EXTERNAL"
          },
          "title": "AVEVA Process Optimization Use of Potentially Dangerous Function",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eAVEVA alternatively recommends the following actions users can take to mitigate risk:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eApply host and/or network firewall rules restricting the taoimr \nservice to accept traffic only from trusted source(s). By default, AVEVA\n Process Optimization listens on port 8888/8889(TLS). Please refer to \nthe AVEVA Process Optimization Installation Guide for additional details\n on ports configuration.\u003c/li\u003e\n\u003cli\u003eApply ACLs to the installation and data folders, limiting write-access to trusted users only.\u003c/li\u003e\n\u003cli\u003eMaintain a trusted chain-of-custody on Process Optimization project \nfiles during creation, modification, distribution, backups, and use.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eFor more information, please \nAVEVA\u0027s security bulletin \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.aveva.com/en/support-and-success/cyber-security-updates/\"\u003eAVEVA-2026-001\u003c/a\u003e.\u003c/p\u003e\n\n\u003cbr\u003e"
                }
              ],
              "value": "AVEVA alternatively recommends the following actions users can take to mitigate risk:\n\n\n\n  *  Apply host and/or network firewall rules restricting the taoimr \nservice to accept traffic only from trusted source(s). By default, AVEVA\n Process Optimization listens on port 8888/8889(TLS). Please refer to \nthe AVEVA Process Optimization Installation Guide for additional details\n on ports configuration.\n\n  *  Apply ACLs to the installation and data folders, limiting write-access to trusted users only.\n\n  *  Maintain a trusted chain-of-custody on Process Optimization project \nfiles during creation, modification, distribution, backups, and use.\n\n\n\n\nFor more information, please see \nAVEVA\u0027s security bulletin  AVEVA-2026-001 https://www.aveva.com/en/support-and-success/cyber-security-updates/ ."
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.5.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "assignerShortName": "icscert",
        "cveId": "CVE-2025-65117",
        "datePublished": "2026-01-16T00:14:27.567Z",
        "dateReserved": "2025-11-24T18:22:00.806Z",
        "dateUpdated": "2026-01-16T14:53:13.050Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-64729 (GCVE-0-2025-64729)

    Vulnerability from cvelistv5 – Published: 2026-01-16 00:12 – Updated: 2026-01-16 14:53
    Title
    AVEVA Process Optimization Missing Authorization
    Summary
    The vulnerability, if exploited, could allow an authenticated miscreant (OS Standard User) to tamper with Process Optimization project files, embed code, and escalate their privileges to the identity of a victim user who subsequently interacts with the project files.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    AVEVA Process Optimization Affected: 0 , ≤ 2024.1 (custom)
    Credits
    Christopher Wu of Veracode reported these vulnerabilities to AVEVA.

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-64729",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-01-16T14:53:36.738653Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-01-16T14:53:45.166Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Process Optimization",
              "vendor": "AVEVA",
              "versions": [
                {
                  "lessThanOrEqual": "2024.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Christopher Wu of Veracode reported these vulnerabilities to AVEVA."
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "The vulnerability, if exploited, could allow an authenticated miscreant \n(OS Standard User) to tamper with Process Optimization project files, \nembed code, and escalate their privileges to the identity of a victim \nuser who subsequently interacts with the project files."
                }
              ],
              "value": "The vulnerability, if exploited, could allow an authenticated miscreant \n(OS Standard User) to tamper with Process Optimization project files, \nembed code, and escalate their privileges to the identity of a victim \nuser who subsequently interacts with the project files."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "LOW",
                "baseScore": 8.1,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "LOCAL",
                "baseScore": 8.6,
                "baseSeverity": "HIGH",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "LOW",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "HIGH",
                "subConfidentialityImpact": "HIGH",
                "subIntegrityImpact": "HIGH",
                "userInteraction": "PASSIVE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:L/SC:H/SI:H/SA:H",
                "version": "4.0",
                "vulnAvailabilityImpact": "LOW",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-862",
                  "description": "CWE-862",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-01-16T00:12:45.798Z",
            "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
            "shortName": "icscert"
          },
          "references": [
            {
              "url": "https://www.aveva.com/en/support-and-success/cyber-security-updates/"
            },
            {
              "url": "https://softwaresupportsp.aveva.com/en-US/downloads/products/details/a643eaa3-0d85-4fde-ac11-5239e87a68ea"
            },
            {
              "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-015-01"
            },
            {
              "url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-015-01.json"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eAVEVA recommends users take the following action:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate to \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://softwaresupportsp.aveva.com/en-US/downloads/products/details/a643eaa3-0d85-4fde-ac11-5239e87a68ea\"\u003eAVEVA Process Optimization v2025\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\nFor more information, please \nAVEVA\u0027s security bulletin \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.aveva.com/en/support-and-success/cyber-security-updates/\"\u003eAVEVA-2026-001\u003c/a\u003e.\n\n\u003cbr\u003e"
                }
              ],
              "value": "AVEVA recommends users take the following action:\n\n\n\n  *  Update to  AVEVA Process Optimization v2025 https://softwaresupportsp.aveva.com/en-US/downloads/products/details/a643eaa3-0d85-4fde-ac11-5239e87a68ea \n\n\n\n\n\nFor more information, please \nAVEVA\u0027s security bulletin  AVEVA-2026-001 https://www.aveva.com/en/support-and-success/cyber-security-updates/ ."
            }
          ],
          "source": {
            "advisory": "ICSA-26-015-01",
            "discovery": "EXTERNAL"
          },
          "title": "AVEVA Process Optimization Missing Authorization",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eAVEVA alternatively recommends the following actions users can take to mitigate risk:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eApply host and/or network firewall rules restricting the taoimr \nservice to accept traffic only from trusted source(s). By default, AVEVA\n Process Optimization listens on port 8888/8889(TLS). Please refer to \nthe AVEVA Process Optimization Installation Guide for additional details\n on ports configuration.\u003c/li\u003e\n\u003cli\u003eApply ACLs to the installation and data folders, limiting write-access to trusted users only.\u003c/li\u003e\n\u003cli\u003eMaintain a trusted chain-of-custody on Process Optimization project \nfiles during creation, modification, distribution, backups, and use.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eFor more information, please \nAVEVA\u0027s security bulletin \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.aveva.com/en/support-and-success/cyber-security-updates/\"\u003eAVEVA-2026-001\u003c/a\u003e.\u003c/p\u003e\n\n\u003cbr\u003e"
                }
              ],
              "value": "AVEVA alternatively recommends the following actions users can take to mitigate risk:\n\n\n\n  *  Apply host and/or network firewall rules restricting the taoimr \nservice to accept traffic only from trusted source(s). By default, AVEVA\n Process Optimization listens on port 8888/8889(TLS). Please refer to \nthe AVEVA Process Optimization Installation Guide for additional details\n on ports configuration.\n\n  *  Apply ACLs to the installation and data folders, limiting write-access to trusted users only.\n\n  *  Maintain a trusted chain-of-custody on Process Optimization project \nfiles during creation, modification, distribution, backups, and use.\n\n\n\n\nFor more information, please \nAVEVA\u0027s security bulletin  AVEVA-2026-001 https://www.aveva.com/en/support-and-success/cyber-security-updates/ ."
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.5.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "assignerShortName": "icscert",
        "cveId": "CVE-2025-64729",
        "datePublished": "2026-01-16T00:12:45.798Z",
        "dateReserved": "2025-11-24T18:22:00.798Z",
        "dateUpdated": "2026-01-16T14:53:45.166Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-65118 (GCVE-0-2025-65118)

    Vulnerability from cvelistv5 – Published: 2026-01-16 00:11 – Updated: 2026-01-16 15:39
    Title
    AVEVA Process Optimization Uncontrolled Search Path Element
    Summary
    The vulnerability, if exploited, could allow an authenticated miscreant (OS Standard User) to trick Process Optimization services into loading arbitrary code and escalate privileges to OS System, potentially resulting in complete compromise of the Model Application Server.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    AVEVA Process Optimization Affected: 0 , ≤ 2024.1 (custom)
    Credits
    Christopher Wu of Veracode reported these vulnerabilities to AVEVA.

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-65118",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-01-16T15:39:31.310210Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-01-16T15:39:37.345Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Process Optimization",
              "vendor": "AVEVA",
              "versions": [
                {
                  "lessThanOrEqual": "2024.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Christopher Wu of Veracode reported these vulnerabilities to AVEVA."
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "The vulnerability, if exploited, could allow an authenticated miscreant \n(OS Standard User) to trick Process Optimization services into loading \narbitrary code and escalate privileges to OS System, potentially \nresulting in complete compromise of the Model Application Server."
                }
              ],
              "value": "The vulnerability, if exploited, could allow an authenticated miscreant \n(OS Standard User) to trick Process Optimization services into loading \narbitrary code and escalate privileges to OS System, potentially \nresulting in complete compromise of the Model Application Server."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "LOCAL",
                "baseScore": 9.3,
                "baseSeverity": "CRITICAL",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "LOW",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "HIGH",
                "subConfidentialityImpact": "HIGH",
                "subIntegrityImpact": "HIGH",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-427",
                  "description": "CWE-427",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-01-16T00:11:12.560Z",
            "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
            "shortName": "icscert"
          },
          "references": [
            {
              "url": "https://www.aveva.com/en/support-and-success/cyber-security-updates/"
            },
            {
              "url": "https://softwaresupportsp.aveva.com/en-US/downloads/products/details/a643eaa3-0d85-4fde-ac11-5239e87a68ea"
            },
            {
              "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-015-01"
            },
            {
              "url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-015-01.json"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eAVEVA recommends users take the following action:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate to \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://softwaresupportsp.aveva.com/en-US/downloads/products/details/a643eaa3-0d85-4fde-ac11-5239e87a68ea\"\u003eAVEVA Process Optimization v2025\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\nFor more information, please \nAVEVA\u0027s security bulletin \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.aveva.com/en/support-and-success/cyber-security-updates/\"\u003eAVEVA-2026-001\u003c/a\u003e.\n\n\u003cbr\u003e"
                }
              ],
              "value": "AVEVA recommends users take the following action:\n\n\n\n  *  Update to  AVEVA Process Optimization v2025 https://softwaresupportsp.aveva.com/en-US/downloads/products/details/a643eaa3-0d85-4fde-ac11-5239e87a68ea \n\n\n\n\n\nFor more information, please \nAVEVA\u0027s security bulletin  AVEVA-2026-001 https://www.aveva.com/en/support-and-success/cyber-security-updates/ ."
            }
          ],
          "source": {
            "advisory": "ICSA-26-015-01",
            "discovery": "EXTERNAL"
          },
          "title": "AVEVA Process Optimization Uncontrolled Search Path Element",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eAVEVA alternatively recommends the following actions users can take to mitigate risk:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eApply host and/or network firewall rules restricting the taoimr \nservice to accept traffic only from trusted source(s). By default, AVEVA\n Process Optimization listens on port 8888/8889(TLS). Please refer to \nthe AVEVA Process Optimization Installation Guide for additional details\n on ports configuration.\u003c/li\u003e\n\u003cli\u003eApply ACLs to the installation and data folders, limiting write-access to trusted users only.\u003c/li\u003e\n\u003cli\u003eMaintain a trusted chain-of-custody on Process Optimization project \nfiles during creation, modification, distribution, backups, and use.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eFor more information, please \nAVEVA\u0027s security bulletin \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.aveva.com/en/support-and-success/cyber-security-updates/\"\u003eAVEVA-2026-001\u003c/a\u003e.\u003c/p\u003e\n\n\u003cbr\u003e"
                }
              ],
              "value": "AVEVA alternatively recommends the following actions users can take to mitigate risk:\n\n\n\n  *  Apply host and/or network firewall rules restricting the taoimr \nservice to accept traffic only from trusted source(s). By default, AVEVA\n Process Optimization listens on port 8888/8889(TLS). Please refer to \nthe AVEVA Process Optimization Installation Guide for additional details\n on ports configuration.\n\n  *  Apply ACLs to the installation and data folders, limiting write-access to trusted users only.\n\n  *  Maintain a trusted chain-of-custody on Process Optimization project \nfiles during creation, modification, distribution, backups, and use.\n\n\n\n\nFor more information, please \nAVEVA\u0027s security bulletin  AVEVA-2026-001 https://www.aveva.com/en/support-and-success/cyber-security-updates/ ."
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.5.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "assignerShortName": "icscert",
        "cveId": "CVE-2025-65118",
        "datePublished": "2026-01-16T00:11:12.560Z",
        "dateReserved": "2025-11-24T18:22:00.785Z",
        "dateUpdated": "2026-01-16T15:39:37.345Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-61943 (GCVE-0-2025-61943)

    Vulnerability from cvelistv5 – Published: 2026-01-16 00:09 – Updated: 2026-01-16 15:06
    Title
    AVEVA Process Optimization SQL Injection
    Summary
    The vulnerability, if exploited, could allow an authenticated miscreant (Process Optimization Standard User) to tamper with queries in Captive Historian and achieve code execution under SQL Server administrative privileges, potentially resulting in complete compromise of the SQL Server.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    AVEVA Process Optimization Affected: 0 , ≤ 2024.1 (custom)
    Credits
    Christopher Wu of Veracode reported these vulnerabilities to AVEVA.

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-61943",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-01-16T15:05:33.136579Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-01-16T15:06:06.845Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Process Optimization",
              "vendor": "AVEVA",
              "versions": [
                {
                  "lessThanOrEqual": "2024.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Christopher Wu of Veracode reported these vulnerabilities to AVEVA."
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "The vulnerability, if exploited, could allow an authenticated miscreant \n(Process Optimization Standard User) to tamper with queries in Captive \nHistorian and achieve code execution under SQL Server administrative \nprivileges, potentially resulting in complete compromise of the SQL \nServer."
                }
              ],
              "value": "The vulnerability, if exploited, could allow an authenticated miscreant \n(Process Optimization Standard User) to tamper with queries in Captive \nHistorian and achieve code execution under SQL Server administrative \nprivileges, potentially resulting in complete compromise of the SQL \nServer."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 8.4,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "LOCAL",
                "baseScore": 9.3,
                "baseSeverity": "CRITICAL",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "LOW",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "HIGH",
                "subConfidentialityImpact": "HIGH",
                "subIntegrityImpact": "HIGH",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:H",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-89",
                  "description": "CWE-89",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-01-16T00:09:18.629Z",
            "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
            "shortName": "icscert"
          },
          "references": [
            {
              "url": "https://www.aveva.com/en/support-and-success/cyber-security-updates/"
            },
            {
              "url": "https://softwaresupportsp.aveva.com/en-US/downloads/products/details/a643eaa3-0d85-4fde-ac11-5239e87a68ea"
            },
            {
              "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-015-01"
            },
            {
              "url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-015-01.json"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eAVEVA recommends users take the following action:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate to \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://softwaresupportsp.aveva.com/en-US/downloads/products/details/a643eaa3-0d85-4fde-ac11-5239e87a68ea\"\u003eAVEVA Process Optimization v2025\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\nFor more information, please \nAVEVA\u0027s security bulletin \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.aveva.com/en/support-and-success/cyber-security-updates/\"\u003eAVEVA-2026-001\u003c/a\u003e.\n\n\u003cbr\u003e"
                }
              ],
              "value": "AVEVA recommends users take the following action:\n\n\n\n  *  Update to  AVEVA Process Optimization v2025 https://softwaresupportsp.aveva.com/en-US/downloads/products/details/a643eaa3-0d85-4fde-ac11-5239e87a68ea \n\n\n\n\n\nFor more information, please \nAVEVA\u0027s security bulletin  AVEVA-2026-001 https://www.aveva.com/en/support-and-success/cyber-security-updates/ ."
            }
          ],
          "source": {
            "advisory": "ICSA-26-015-01",
            "discovery": "EXTERNAL"
          },
          "title": "AVEVA Process Optimization SQL Injection",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eAVEVA alternatively recommends the following actions users can take to mitigate risk:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eApply host and/or network firewall rules restricting the taoimr \nservice to accept traffic only from trusted source(s). By default, AVEVA\n Process Optimization listens on port 8888/8889(TLS). Please refer to \nthe AVEVA Process Optimization Installation Guide for additional details\n on ports configuration.\u003c/li\u003e\n\u003cli\u003eApply ACLs to the installation and data folders, limiting write-access to trusted users only.\u003c/li\u003e\n\u003cli\u003eMaintain a trusted chain-of-custody on Process Optimization project \nfiles during creation, modification, distribution, backups, and use.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eFor more information, please \nAVEVA\u0027s security bulletin \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.aveva.com/en/support-and-success/cyber-security-updates/\"\u003eAVEVA-2026-001\u003c/a\u003e.\u003c/p\u003e\n\n\u003cbr\u003e"
                }
              ],
              "value": "AVEVA alternatively recommends the following actions users can take to mitigate risk:\n\n\n\n  *  Apply host and/or network firewall rules restricting the taoimr \nservice to accept traffic only from trusted source(s). By default, AVEVA\n Process Optimization listens on port 8888/8889(TLS). Please refer to \nthe AVEVA Process Optimization Installation Guide for additional details\n on ports configuration.\n\n  *  Apply ACLs to the installation and data folders, limiting write-access to trusted users only.\n\n  *  Maintain a trusted chain-of-custody on Process Optimization project \nfiles during creation, modification, distribution, backups, and use.\n\n\n\n\nFor more information, please \nAVEVA\u0027s security bulletin  AVEVA-2026-001 https://www.aveva.com/en/support-and-success/cyber-security-updates/ ."
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.5.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "assignerShortName": "icscert",
        "cveId": "CVE-2025-61943",
        "datePublished": "2026-01-16T00:09:18.629Z",
        "dateReserved": "2025-11-24T18:22:00.776Z",
        "dateUpdated": "2026-01-16T15:06:06.845Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-64691 (GCVE-0-2025-64691)

    Vulnerability from cvelistv5 – Published: 2026-01-16 00:06 – Updated: 2026-01-16 15:12
    Title
    AVEVA Process Optimization Code Injection
    Summary
    The vulnerability, if exploited, could allow an authenticated miscreant (OS standard user) to tamper with TCL Macro scripts and escalate privileges to OS system, potentially resulting in complete compromise of the model application server.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    AVEVA Process Optimization Affected: 0 , ≤ 2024.1 (custom)
    Credits
    Christopher Wu of Veracode reported these vulnerabilities to AVEVA.

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-64691",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-01-16T15:11:30.315185Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-01-16T15:12:10.618Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Process Optimization",
              "vendor": "AVEVA",
              "versions": [
                {
                  "lessThanOrEqual": "2024.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Christopher Wu of Veracode reported these vulnerabilities to AVEVA."
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "The vulnerability, if exploited, could allow an authenticated miscreant \n(OS standard user) to tamper with TCL Macro scripts and escalate \nprivileges to OS system, potentially resulting in complete compromise of\n the model application server."
                }
              ],
              "value": "The vulnerability, if exploited, could allow an authenticated miscreant \n(OS standard user) to tamper with TCL Macro scripts and escalate \nprivileges to OS system, potentially resulting in complete compromise of\n the model application server."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "LOCAL",
                "baseScore": 9.3,
                "baseSeverity": "CRITICAL",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "LOW",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "HIGH",
                "subConfidentialityImpact": "HIGH",
                "subIntegrityImpact": "HIGH",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-94",
                  "description": "CWE-94",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-01-16T00:06:56.554Z",
            "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
            "shortName": "icscert"
          },
          "references": [
            {
              "url": "https://www.aveva.com/en/support-and-success/cyber-security-updates/"
            },
            {
              "url": "https://softwaresupportsp.aveva.com/en-US/downloads/products/details/a643eaa3-0d85-4fde-ac11-5239e87a68ea"
            },
            {
              "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-015-01"
            },
            {
              "url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-015-01.json"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eAVEVA recommends users take the following action:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate to \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://softwaresupportsp.aveva.com/en-US/downloads/products/details/a643eaa3-0d85-4fde-ac11-5239e87a68ea\"\u003eAVEVA Process Optimization v2025\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\nFor more information, please \nAVEVA\u0027s security bulletin \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.aveva.com/en/support-and-success/cyber-security-updates/\"\u003eAVEVA-2026-001\u003c/a\u003e.\n\n\u003cbr\u003e"
                }
              ],
              "value": "AVEVA recommends users take the following action:\n\n\n\n  *  Update to  AVEVA Process Optimization v2025 https://softwaresupportsp.aveva.com/en-US/downloads/products/details/a643eaa3-0d85-4fde-ac11-5239e87a68ea \n\n\n\n\n\nFor more information, please see \nAVEVA\u0027s security bulletin  AVEVA-2026-001 https://www.aveva.com/en/support-and-success/cyber-security-updates/ ."
            }
          ],
          "source": {
            "advisory": "ICSA-26-015-01",
            "discovery": "EXTERNAL"
          },
          "title": "AVEVA Process Optimization Code Injection",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eAVEVA alternatively recommends the following actions users can take to mitigate risk:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eApply host and/or network firewall rules restricting the taoimr \nservice to accept traffic only from trusted source(s). By default, AVEVA\n Process Optimization listens on port 8888/8889(TLS). Please refer to \nthe AVEVA Process Optimization Installation Guide for additional details\n on ports configuration.\u003c/li\u003e\n\u003cli\u003eApply ACLs to the installation and data folders, limiting write-access to trusted users only.\u003c/li\u003e\n\u003cli\u003eMaintain a trusted chain-of-custody on Process Optimization project \nfiles during creation, modification, distribution, backups, and use.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eFor more information, please \nAVEVA\u0027s security bulletin \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.aveva.com/en/support-and-success/cyber-security-updates/\"\u003eAVEVA-2026-001\u003c/a\u003e.\u003c/p\u003e\n\n\u003cbr\u003e"
                }
              ],
              "value": "AVEVA alternatively recommends the following actions users can take to mitigate risk:\n\n\n\n  *  Apply host and/or network firewall rules restricting the taoimr \nservice to accept traffic only from trusted source(s). By default, AVEVA\n Process Optimization listens on port 8888/8889(TLS). Please refer to \nthe AVEVA Process Optimization Installation Guide for additional details\n on ports configuration.\n\n  *  Apply ACLs to the installation and data folders, limiting write-access to trusted users only.\n\n  *  Maintain a trusted chain-of-custody on Process Optimization project \nfiles during creation, modification, distribution, backups, and use.\n\n\n\n\nFor more information, please see \nAVEVA\u0027s security bulletin  AVEVA-2026-001 https://www.aveva.com/en/support-and-success/cyber-security-updates/ ."
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.5.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "assignerShortName": "icscert",
        "cveId": "CVE-2025-64691",
        "datePublished": "2026-01-16T00:06:56.554Z",
        "dateReserved": "2025-11-24T18:22:00.766Z",
        "dateUpdated": "2026-01-16T15:12:10.618Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-61937 (GCVE-0-2025-61937)

    Vulnerability from cvelistv5 – Published: 2026-01-16 00:04 – Updated: 2026-01-16 15:10
    VLAI
    Title
    AVEVA Process Optimization Code Injection
    Summary
    The vulnerability, if exploited, could allow an unauthenticated miscreant to achieve remote code execution under the OS system privileges of the “taoimr” service, potentially resulting in complete compromise of the model application server.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    AVEVA Process Optimization Affected: 0 , ≤ 2024.1 (custom)
    Credits
    Christopher Wu of Veracode reported these vulnerabilities to AVEVA.

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-61937",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-01-16T15:09:41.593345Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-01-16T15:10:11.404Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Process Optimization",
              "vendor": "AVEVA",
              "versions": [
                {
                  "lessThanOrEqual": "2024.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Christopher Wu of Veracode reported these vulnerabilities to AVEVA."
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "The vulnerability, if exploited, could allow an unauthenticated \nmiscreant to achieve remote code execution under OS system privileges of\n \u201ctaoimr\u201d service, potentially resulting in complete compromise of the\u0026nbsp; model application server."
                }
              ],
              "value": "The vulnerability, if exploited, could allow an unauthenticated \nmiscreant to achieve remote code execution under OS system privileges of\n \u201ctaoimr\u201d service, potentially resulting in complete compromise of the\u00a0 model application server."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 10,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 10,
                "baseSeverity": "CRITICAL",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "HIGH",
                "subConfidentialityImpact": "HIGH",
                "subIntegrityImpact": "HIGH",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-94",
                  "description": "CWE-94",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-01-16T00:04:37.128Z",
            "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
            "shortName": "icscert"
          },
          "references": [
            {
              "url": "https://www.aveva.com/en/support-and-success/cyber-security-updates/"
            },
            {
              "url": "https://softwaresupportsp.aveva.com/en-US/downloads/products/details/a643eaa3-0d85-4fde-ac11-5239e87a68ea"
            },
            {
              "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-015-01"
            },
            {
              "url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-015-01.json"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eAVEVA recommends users take the following action:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate to \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://softwaresupportsp.aveva.com/en-US/downloads/products/details/a643eaa3-0d85-4fde-ac11-5239e87a68ea\"\u003eAVEVA Process Optimization v2025\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\nFor more information, please \nAVEVA\u0027s security bulletin \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.aveva.com/en/support-and-success/cyber-security-updates/\"\u003eAVEVA-2026-001\u003c/a\u003e.\n\n\u003cbr\u003e"
                }
              ],
              "value": "AVEVA recommends users take the following action:\n\n\n\n  *  Update to  AVEVA Process Optimization v2025 https://softwaresupportsp.aveva.com/en-US/downloads/products/details/a643eaa3-0d85-4fde-ac11-5239e87a68ea \n\n\n\n\n\nFor more information, please see \nAVEVA\u0027s security bulletin  AVEVA-2026-001 https://www.aveva.com/en/support-and-success/cyber-security-updates/ ."
            }
          ],
          "source": {
            "advisory": "ICSA-26-015-01",
            "discovery": "EXTERNAL"
          },
          "title": "AVEVA Process Optimization Code Injection",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eAVEVA alternatively recommends the following actions users can take to mitigate risk:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eApply host and/or network firewall rules restricting the taoimr \nservice to accept traffic only from trusted source(s). By default, AVEVA\n Process Optimization listens on port 8888/8889(TLS). Please refer to \nthe AVEVA Process Optimization Installation Guide for additional details\n on ports configuration.\u003c/li\u003e\n\u003cli\u003eApply ACLs to the installation and data folders, limiting write-access to trusted users only.\u003c/li\u003e\n\u003cli\u003eMaintain a trusted chain-of-custody on Process Optimization project \nfiles during creation, modification, distribution, backups, and use.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eFor more information, please \nAVEVA\u0027s security bulletin \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.aveva.com/en/support-and-success/cyber-security-updates/\"\u003eAVEVA-2026-001\u003c/a\u003e.\u003c/p\u003e\n\n\u003cbr\u003e"
                }
              ],
              "value": "AVEVA alternatively recommends the following actions users can take to mitigate risk:\n\n\n\n  *  Apply host and/or network firewall rules restricting the taoimr \nservice to accept traffic only from trusted source(s). By default, AVEVA\n Process Optimization listens on port 8888/8889(TLS). Please refer to \nthe AVEVA Process Optimization Installation Guide for additional details\n on ports configuration.\n\n  *  Apply ACLs to the installation and data folders, limiting write-access to trusted users only.\n\n  *  Maintain a trusted chain-of-custody on Process Optimization project \nfiles during creation, modification, distribution, backups, and use.\n\n\n\n\nFor more information, please see \nAVEVA\u0027s security bulletin  AVEVA-2026-001 https://www.aveva.com/en/support-and-success/cyber-security-updates/ ."
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.5.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "assignerShortName": "icscert",
        "cveId": "CVE-2025-61937",
        "datePublished": "2026-01-16T00:04:37.128Z",
        "dateReserved": "2025-11-24T18:22:00.744Z",
        "dateUpdated": "2026-01-16T15:10:11.404Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-8386 (GCVE-0-2025-8386)

    Vulnerability from cvelistv5 – Published: 2025-11-14 23:57 – Updated: 2025-11-17 16:56
    VLAI
    Title
    AVEVA Application Server IDE Basic Cross-site Scripting
    Summary
    The vulnerability, if exploited, could allow an authenticated miscreant (with privilege of "aaConfigTools") to tamper with App Objects' help files and persist a cross-site scripting (XSS) injection that, when executed by a victim user, can result in horizontal or vertical escalation of privileges. The vulnerability can only be exploited during config-time operations within the IDE component of Application Server. Run-time components and operations are not affected.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    AVEVA Application Server Affected: 0 , ≤ Versions 2023 R2 SP1 P02 (custom)
    Credits
    AVEVA reported this vulnerability to CISA.

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-8386",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-11-17T16:55:50.026475Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-11-17T16:56:00.107Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Application Server",
              "vendor": "AVEVA",
              "versions": [
                {
                  "lessThanOrEqual": "Versions 2023 R2 SP1 P02",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "AVEVA reported this vulnerability to CISA."
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "The vulnerability, if exploited, could allow an authenticated miscreant \n(with privilege of \"aaConfigTools\") to tamper with App Objects\u0027 help \nfiles and persist a cross-site scripting (XSS) injection that when \nexecuted by a victim user, can result in horizontal or vertical \nescalation of privileges. The vulnerability can only be exploited during\n config-time operations within the IDE component of Application Server. \nRun-time components and operations are not affected."
                }
              ],
              "value": "The vulnerability, if exploited, could allow an authenticated miscreant \n(with privilege of \"aaConfigTools\") to tamper with App Objects\u0027 help \nfiles and persist a cross-site scripting (XSS) injection that when \nexecuted by a victim user, can result in horizontal or vertical \nescalation of privileges. The vulnerability can only be exploited during\n config-time operations within the IDE component of Application Server. \nRun-time components and operations are not affected."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "LOW",
                "baseScore": 6.9,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "LOW",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:L/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "LOCAL",
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "HIGH",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "HIGH",
                "subConfidentialityImpact": "HIGH",
                "subIntegrityImpact": "HIGH",
                "userInteraction": "PASSIVE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:P/VC:H/VI:L/VA:L/SC:H/SI:H/SA:H",
                "version": "4.0",
                "vulnAvailabilityImpact": "LOW",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "LOW",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-80",
                  "description": "CWE-80",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-11-14T23:57:04.396Z",
            "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
            "shortName": "icscert"
          },
          "references": [
            {
              "url": "https://www.aveva.com/content/dam/aveva/documents/support/cyber-security-updates/SecurityBulletin-AVEVA-2025-005.pdf"
            },
            {
              "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-317-02"
            },
            {
              "url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2025/icsa-25-317-02.json"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eAVEVA recommends that organizations evaluate the impact of these \nvulnerabilities based on their operational environment, architecture, \nand product implementation. Users using affected product versions should\n apply security updates to mitigate the risk of exploit.\u003c/p\u003e\u003cp\u003eAll affected versions of the Application Server IDE can be fixed by upgrading to AVEVA System Platform \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://softwaresupportsp.aveva.com/en-US/downloads/products/details/d32b2534-9601-4beb-ac78-046ca2ef594d\"\u003e2023 R2 SP1 P03\u003c/a\u003e\u0026nbsp;or higher.\u003c/p\u003e\n\u003cp\u003eThe following general defensive measures are recommended:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAudit assigned permissions to ensure that only trusted users are \nadded to the \"aaConfigTools\" OS Group. For additional information on \nApplication Server OS Security groups and accounts, see \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://docs.aveva.com/bundle/sp-install/page/738031.html\"\u003ehttps://docs.aveva.com/bundle/sp-install/page/738031.html\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003eFor more information, see AVEVA\u0027s Security Bulletin \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.aveva.com/content/dam/aveva/documents/support/cyber-security-updates/SecurityBulletin_AVEVA-2025-005.pdf\"\u003eAVEVA-2025-005\u003c/a\u003e or AVEVA\u0027s \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.aveva.com/en/support-and-success/cyber-security-updates/\"\u003ebulletins page\u003c/a\u003e.\n\n\u003cbr\u003e"
                }
              ],
              "value": "AVEVA recommends that organizations evaluate the impact of these \nvulnerabilities based on their operational environment, architecture, \nand product implementation. Users using affected product versions should\n apply security updates to mitigate the risk of exploit.\n\nAll affected versions of the Application Server IDE can be fixed by upgrading to AVEVA System Platform  2023 R2 SP1 P03 https://softwaresupportsp.aveva.com/en-US/downloads/products/details/d32b2534-9601-4beb-ac78-046ca2ef594d \u00a0or higher.\n\n\nThe following general defensive measures are recommended:\n\n\n\n  *  Audit assigned permissions to ensure that only trusted users are \nadded to the \"aaConfigTools\" OS Group. For additional information on \nApplication Server OS Security groups and accounts, see  https://docs.aveva.com/bundle/sp-install/page/738031.html \n\n\nFor more information, see AVEVA\u0027s Security Bulletin  AVEVA-2025-005 https://www.aveva.com/content/dam/aveva/documents/support/cyber-security-updates/SecurityBulletin_AVEVA-2025-005.pdf  or AVEVA\u0027s  bulletins page https://www.aveva.com/en/support-and-success/cyber-security-updates/ ."
            }
          ],
          "source": {
            "advisory": "ICSA-25-317-02",
            "discovery": "INTERNAL"
          },
          "title": "AVEVA Application Server IDE Basic Cross-site Scripting",
          "x_generator": {
            "engine": "Vulnogram 0.5.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "assignerShortName": "icscert",
        "cveId": "CVE-2025-8386",
        "datePublished": "2025-11-14T23:57:04.396Z",
        "dateReserved": "2025-07-30T18:49:26.187Z",
        "dateUpdated": "2025-11-17T16:56:00.107Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-9317 (GCVE-0-2025-9317)

    Vulnerability from cvelistv5 – Published: 2025-11-14 23:49 – Updated: 2025-11-17 16:55
    VLAI
    Title
    AVEVA Edge Use of a Broken or Risky Cryptographic Algorithm
    Summary
    The vulnerability, if exploited, could allow a miscreant with read access to Edge Project files or Edge Offline Cache files to reverse engineer Edge users' app-native or Active Directory passwords through computational brute-forcing of weak hashes.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    AVEVA Edge Affected: 0 , ≤ Versions 2023 R2 (custom)
    Credits
    Joao Varelas reported this vulnerability to AVEVA.

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-9317",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-11-17T16:55:08.051296Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-11-17T16:55:20.081Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Edge",
              "vendor": "AVEVA",
              "versions": [
                {
                  "lessThanOrEqual": "Versions 2023 R2",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Joao Varelas reported this vulnerability to AVEVA."
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "The vulnerability, if exploited, could allow a miscreant with read \naccess to Edge Project files or Edge Offline Cache files to reverse \nengineer Edge users\u0027 app-native or Active Directory passwords through \ncomputational brute-forcing of weak hashes."
                }
              ],
              "value": "The vulnerability, if exploited, could allow a miscreant with read \naccess to Edge Project files or Edge Offline Cache files to reverse \nengineer Edge users\u0027 app-native or Active Directory passwords through \ncomputational brute-forcing of weak hashes."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 8.4,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "LOCAL",
                "baseScore": 8.3,
                "baseSeverity": "HIGH",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "LOW",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "HIGH",
                "subIntegrityImpact": "HIGH",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:H/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "NONE",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-327",
                  "description": "CWE-327",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-11-14T23:49:27.149Z",
            "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
            "shortName": "icscert"
          },
          "references": [
            {
              "url": "https://www.aveva.com/content/dam/aveva/documents/support/cyber-security-updates/SecurityBulletin_AVEVA-2025-006.pdf"
            },
            {
              "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-317-03"
            },
            {
              "url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2025/icsa-25-317-03.json"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eAVEVA recommends that organizations evaluate the impact of this \nvulnerability based on their operational environment, architecture, and \nproduct implementation.\u003c/p\u003e\n\u003cp\u003eUsers using the affected product versions should take the following actions to mitigate the risk of exploit:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eApply AVEVA Edge \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://softwaresupportsp.aveva.com/en-US/downloads/products/details/38f52447-3013-4c4e-be6e-9b28b635bba9\"\u003e2023 R2 P01\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e\u003cli\u003e Security Update and migrate old project files.\u003c/li\u003e\n\u003cli\u003eFor projects that cannot be migrated (e.g. backups or transient \ncopies), evaluate the risk of potential password leakage from these \nfiles and implement stricter read access controls to protect these \nunsafe files.\u003c/li\u003e\n\u003cli\u003eRequire AVEVA Edge users to change their passwords.\u003c/li\u003e\n\u003cli\u003eImportant: Edge project migration from older versions to 2023 R2 P01\n is one-way due to the change in password hashing algorithms.\u003c/li\u003e\u003cli\u003e\u003cbr\u003e\u003c/li\u003e\nFor information on how to reach AVEVA support for your product, please refer to this link: \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.aveva.com/en/support/support-contact/\"\u003eAVEVA Customer Support\u003c/a\u003e.\u003cp\u003eFor more information, see AVEVA\u0027s Security Bulletin \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.aveva.com/content/dam/aveva/documents/support/cyber-security-updates/SecurityBulletin_AVEVA-2025-006.pdf\"\u003eAVEVA-2025-006\u003c/a\u003e\u0026nbsp;or AVEVA\u0027s \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.aveva.com/en/support-and-success/cyber-security-updates/\"\u003ebulletins page\u003c/a\u003e.\n\n\u003cbr\u003e\u003c/p\u003e"
                }
              ],
              "value": "AVEVA recommends that organizations evaluate the impact of this \nvulnerability based on their operational environment, architecture, and \nproduct implementation.\n\n\nUsers using the affected product versions should take the following actions to mitigate the risk of exploit:\n\n\n\n  *  Apply AVEVA Edge  2023 R2 P01 https://softwaresupportsp.aveva.com/en-US/downloads/products/details/38f52447-3013-4c4e-be6e-9b28b635bba9  Security Update and migrate old project files.\n\n  *  For projects that cannot be migrated (e.g. backups or transient \ncopies), evaluate the risk of potential password leakage from these \nfiles and implement stricter read access controls to protect these \nunsafe files.\n\n  *  Require AVEVA Edge users to change their passwords.\n\n  *  Important: Edge project migration from older versions to 2023 R2 P01\n is one-way due to the change in password hashing algorithms.\n\n\n\nFor information on how to reach AVEVA support for your product, please refer to this link:  AVEVA Customer Support https://www.aveva.com/en/support/support-contact/ .\n\nFor more information, see AVEVA\u0027s Security Bulletin  AVEVA-2025-006 https://www.aveva.com/content/dam/aveva/documents/support/cyber-security-updates/SecurityBulletin_AVEVA-2025-006.pdf \u00a0or AVEVA\u0027s  bulletins page https://www.aveva.com/en/support-and-success/cyber-security-updates/ ."
            }
          ],
          "source": {
            "advisory": "ICSA-25-317-03",
            "discovery": "EXTERNAL"
          },
          "title": "AVEVA Edge Use of a Broken or Risky Cryptographic Algorithm",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eThe following general defensive measures are recommended:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAccess Control Lists should be applied to all folders where users will save and load project files.\u003c/li\u003e\n\u003cli\u003eMaintain a trusted chain-of-custody on project files during creation, modification, distribution, and use.\u003c/li\u003e\n\u003cli\u003eApply data-protection at the project level with a strong master \npassword. For configuration step-by-step refer to AVEVA Edge \"Technical \nReference Manual\" \u0026gt; Project Overview \u0026gt; Configuring Additional \nProject Settings \u0026gt; Options Tab \u0026gt; Data Protection.\u003c/li\u003e\n\u003cli\u003eIf passwords are being used as function parameters inside project \ndocuments (such as scripts or worksheets), it is recommended to remove \nthose passwords and use project tags instead. For more information on \ntags refer to AVEVA Edge \"Technical Reference Manual\" \u0026gt; Tags and the \nTag Database \u0026gt; About Tags and the Project Database.\u003c/li\u003e\n\u003c/ul\u003e\u003cp\u003eFor information on how to reach AVEVA support for your product, please refer to this link: \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.aveva.com/en/support/support-contact/\"\u003eAVEVA Customer Support\u003c/a\u003e\u0026nbsp;.\u003c/p\u003e\u003cp\u003eFor more information, see AVEVA\u0027s Security Bulletin \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.aveva.com/content/dam/aveva/documents/support/cyber-security-updates/SecurityBulletin_AVEVA-2025-006.pdf\"\u003eAVEVA-2025-006\u003c/a\u003e\u0026nbsp;or AVEVA\u0027s \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.aveva.com/en/support-and-success/cyber-security-updates/\"\u003ebulletins page\u003c/a\u003e.\n\n\u003cbr\u003e\u003c/p\u003e"
                }
              ],
              "value": "The following general defensive measures are recommended:\n\n\n\n  *  Access Control Lists should be applied to all folders where users will save and load project files.\n\n  *  Maintain a trusted chain-of-custody on project files during creation, modification, distribution, and use.\n\n  *  Apply data-protection at the project level with a strong master \npassword. For configuration step-by-step refer to AVEVA Edge \"Technical \nReference Manual\" \u003e Project Overview \u003e Configuring Additional \nProject Settings \u003e Options Tab \u003e Data Protection.\n\n  *  If passwords are being used as function parameters inside project \ndocuments (such as scripts or worksheets), it is recommended to remove \nthose passwords and use project tags instead. For more information on \ntags refer to AVEVA Edge \"Technical Reference Manual\" \u003e Tags and the \nTag Database \u003e About Tags and the Project Database.\n\n\n\nFor information on how to reach AVEVA support for your product, please refer to this link:  AVEVA Customer Support https://www.aveva.com/en/support/support-contact/ \u00a0.\n\nFor more information, see AVEVA\u0027s Security Bulletin  AVEVA-2025-006 https://www.aveva.com/content/dam/aveva/documents/support/cyber-security-updates/SecurityBulletin_AVEVA-2025-006.pdf \u00a0or AVEVA\u0027s  bulletins page https://www.aveva.com/en/support-and-success/cyber-security-updates/ ."
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.5.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "assignerShortName": "icscert",
        "cveId": "CVE-2025-9317",
        "datePublished": "2025-11-14T23:49:27.149Z",
        "dateReserved": "2025-08-21T12:45:22.693Z",
        "dateUpdated": "2025-11-17T16:55:20.081Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    VAR-201801-0036

    Vulnerability from variot - Updated: 2026-03-09 20:29

    jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed. jQuery is an open source, cross-browser JavaScript library developed by the American programmer John Resig. The library simplifies interaction between HTML and JavaScript and is modular and extensible through plug-ins. A cross-site scripting vulnerability exists in jQuery versions prior to 3.0.0. The vulnerability stems from a lack of correct validation of client-supplied data in web applications. An attacker could exploit this vulnerability to execute code on the client. Upgrading to jQuery 3.0.0 or later, or explicitly setting dataType to the expected non-script type on cross-domain requests, avoids the automatic execution. 8) - aarch64, noarch, ppc64le, s390x, x86_64

    1. Description:

    The Public Key Infrastructure (PKI) Core contains fundamental packages required by Red Hat Certificate System. 1732565 - CVE-2019-10221 pki-core: Reflected XSS in getcookies?url= endpoint in CA 1732981 - When nuxwdog is enabled pkidaemon status shows instances as stopped. Description:

    Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. Solution:

    Before applying this update, make sure all previously released errata relevant to your system have been applied. JIRA issues fixed (https://issues.jboss.org/):

    JBEAP-23864 - (7.4.z) Upgrade xmlsec from 2.1.7.redhat-00001 to 2.2.3.redhat-00001 JBEAP-23865 - GSS Upgrade Apache CXF from 3.3.13.redhat-00001 to 3.4.10.redhat-00001 JBEAP-23866 - (7.4.z) Upgrade wss4j from 2.2.7.redhat-00001 to 2.3.3.redhat-00001 JBEAP-23926 - Tracker bug for the EAP 7.4.9 release for RHEL-7 JBEAP-24055 - (7.4.z) Upgrade HAL from 3.3.15.Final-redhat-00001 to 3.3.16.Final-redhat-00001 JBEAP-24081 - (7.4.z) Upgrade Elytron from 1.15.14.Final-redhat-00001 to 1.15.15.Final-redhat-00001 JBEAP-24095 - (7.4.z) Upgrade elytron-web from 1.9.2.Final-redhat-00001 to 1.9.3.Final-redhat-00001 JBEAP-24100 - GSS Upgrade Undertow from 2.2.20.SP1-redhat-00001 to 2.2.22.SP3-redhat-00001 JBEAP-24127 - (7.4.z) UNDERTOW-2123 - Update AsyncContextImpl.dispatch to use proper value JBEAP-24128 - (7.4.z) Upgrade Hibernate Search from 5.10.7.Final-redhat-00001 to 5.10.13.Final-redhat-00001 JBEAP-24132 - GSS Upgrade Ironjacamar from 1.5.3.SP2-redhat-00001 to 1.5.10.Final-redhat-00001 JBEAP-24147 - (7.4.z) Upgrade jboss-ejb-client from 4.0.45.Final-redhat-00001 to 4.0.49.Final-redhat-00001 JBEAP-24167 - (7.4.z) Upgrade WildFly Core from 15.0.19.Final-redhat-00001 to 15.0.21.Final-redhat-00002 JBEAP-24191 - GSS Upgrade remoting from 5.0.26.SP1-redhat-00001 to 5.0.27.Final-redhat-00001 JBEAP-24195 - GSS Upgrade JSF API from 3.0.0.SP06-redhat-00001 to 3.0.0.SP07-redhat-00001 JBEAP-24207 - (7.4.z) Upgrade Soteria from 1.0.1.redhat-00002 to 1.0.1.redhat-00003 JBEAP-24248 - (7.4.z) ELY-2492 - Upgrade sshd-common in Elytron from 2.7.0 to 2.9.2 JBEAP-24426 - (7.4.z) Upgrade Elytron from 1.15.15.Final-redhat-00001 to 1.15.16.Final-redhat-00001 JBEAP-24427 - (7.4.z) Upgrade WildFly Core from 15.0.21.Final-redhat-00002 to 15.0.22.Final-redhat-00001

    1. 1879604 - pkispawn logs files are empty

    2. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256

    ====================================================================
    Red Hat Security Advisory

    Synopsis: Moderate: ipa security, bug fix, and enhancement update Advisory ID: RHSA-2020:3936-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2020:3936 Issue date: 2020-09-29 CVE Names: CVE-2015-9251 CVE-2016-10735 CVE-2018-14040 CVE-2018-14042 CVE-2018-20676 CVE-2018-20677 CVE-2019-8331 CVE-2019-11358 CVE-2020-1722 CVE-2020-11022 ==================================================================== 1. Summary:

    An update for ipa is now available for Red Hat Enterprise Linux 7.

    Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

    1. Relevant releases/architectures:

    Red Hat Enterprise Linux Client (v. 7) - noarch, x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - noarch, x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - noarch, x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - noarch, x86_64 Red Hat Enterprise Linux Server (v. 7) - noarch, ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64

    1. Description:

    Red Hat Identity Management (IdM) is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments.

    The following packages have been upgraded to a later upstream version: ipa (4.6.8). (BZ#1819725)

    Security Fix(es):

    • js-jquery: Cross-site scripting via cross-domain ajax requests (CVE-2015-9251)

    • bootstrap: XSS in the data-target attribute (CVE-2016-10735)

    • bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute (CVE-2018-14040)

    • bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip. (CVE-2018-14042)

    • bootstrap: XSS in the tooltip data-viewport attribute (CVE-2018-20676)

    • bootstrap: XSS in the affix configuration target property (CVE-2018-20677)

    • bootstrap: XSS in the tooltip or popover data-template attribute (CVE-2019-8331)

    • js-jquery: prototype pollution in object's prototype leading to denial of service or remote code execution or property injection (CVE-2019-11358)

    • jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022)

    • ipa: No password length restriction leads to denial of service (CVE-2020-1722)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

    Additional Changes:

    For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.9 Release Notes linked from the References section.

    1. Solution:

    For details on how to apply this update, which includes the changes described in this advisory, refer to:

    https://access.redhat.com/articles/11258

    1. Bugs fixed (https://bugzilla.redhat.com/):

    1399546 - CVE-2015-9251 js-jquery: Cross-site scripting via cross-domain ajax requests 1404770 - ID Views: do not allow custom Views for the masters 1545755 - ipa-replica-prepare should not update pki admin password. 1601614 - CVE-2018-14040 bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute 1601617 - CVE-2018-14042 bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip. 1668082 - CVE-2018-20676 bootstrap: XSS in the tooltip data-viewport attribute 1668089 - CVE-2018-20677 bootstrap: XSS in the affix configuration target property 1668097 - CVE-2016-10735 bootstrap: XSS in the data-target attribute 1686454 - CVE-2019-8331 bootstrap: XSS in the tooltip or popover data-template attribute 1701972 - CVE-2019-11358 js-jquery: prototype pollution in object's prototype leading to denial of service or remote code execution or property injection 1754902 - Running ipa-server-install fails when RHEL 7.7 packages are installed on RHEL 7.6 1755535 - ipa-advise on a RHEL7 IdM server is not able to generate a configuration script for a RHEL8 IdM client 1756568 - ipa-server-certinstall man page does not match built-in help. 1758406 - KRA authentication fails when IPA CA has custom Subject DN 1769791 - Invisible part of notification area in Web UI intercepts clicks of some page elements 1771356 - Default client configuration breaks ssh in FIPS mode. 
1780548 - Man page ipa-cacert-manage does not display correctly on RHEL 1782587 - add "systemctl restart sssd" to warning message when adding trust agents to replicas 1788718 - ipa-server-install incorrectly setting slew mode (-x) when setting up ntpd 1788907 - Renewed certs are not picked up by IPA CAs 1793071 - CVE-2020-1722 ipa: No password length restriction leads to denial of service 1795890 - ipa-pkinit-manage enable fails on replica if it doesn't host the CA 1801791 - Compatibility Schema difference in functionality for systems following RHEL 7.5 -> 7.6 upgrade path as opposed to new RHEL 7.6 systems 1817886 - ipa group-add-member: prevent adding IPA objects as external members 1817918 - Secure tomcat AJP connector 1817919 - Enable compat tree to provide information about AD users and groups on trust agents 1817922 - covscan memory leaks report 1817923 - IPA upgrade is failing with error "Failed to get request: bus, object_path and dbus_interface must not be None." 1817927 - host-add --password logs cleartext userpassword to Apache error log 1819725 - Rebase IPA to latest 4.6.x version 1825829 - ipa-advise on a RHEL7 IdM server generate a configuration script for client having hardcoded python3 1828406 - CVE-2020-11022 jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method 1829787 - ipa service-del deletes the required principal when specified in lower/upper case 1834385 - Man page syntax issue detected by rpminspect 1842950 - ipa-adtrust-install fails when replica is offline

    1. Package List:

    Red Hat Enterprise Linux Client (v. 7):

    Source: ipa-4.6.8-5.el7.src.rpm

    noarch: ipa-client-common-4.6.8-5.el7.noarch.rpm ipa-common-4.6.8-5.el7.noarch.rpm ipa-python-compat-4.6.8-5.el7.noarch.rpm python2-ipaclient-4.6.8-5.el7.noarch.rpm python2-ipalib-4.6.8-5.el7.noarch.rpm

    x86_64: ipa-client-4.6.8-5.el7.x86_64.rpm ipa-debuginfo-4.6.8-5.el7.x86_64.rpm

    Red Hat Enterprise Linux Client Optional (v. 7):

    noarch: ipa-server-common-4.6.8-5.el7.noarch.rpm ipa-server-dns-4.6.8-5.el7.noarch.rpm python2-ipaserver-4.6.8-5.el7.noarch.rpm

    x86_64: ipa-debuginfo-4.6.8-5.el7.x86_64.rpm ipa-server-4.6.8-5.el7.x86_64.rpm ipa-server-trust-ad-4.6.8-5.el7.x86_64.rpm

    Red Hat Enterprise Linux ComputeNode (v. 7):

    Source: ipa-4.6.8-5.el7.src.rpm

    noarch: ipa-client-common-4.6.8-5.el7.noarch.rpm ipa-common-4.6.8-5.el7.noarch.rpm ipa-python-compat-4.6.8-5.el7.noarch.rpm python2-ipaclient-4.6.8-5.el7.noarch.rpm python2-ipalib-4.6.8-5.el7.noarch.rpm

    x86_64: ipa-client-4.6.8-5.el7.x86_64.rpm ipa-debuginfo-4.6.8-5.el7.x86_64.rpm

    Red Hat Enterprise Linux ComputeNode Optional (v. 7):

    noarch: ipa-server-common-4.6.8-5.el7.noarch.rpm ipa-server-dns-4.6.8-5.el7.noarch.rpm python2-ipaserver-4.6.8-5.el7.noarch.rpm

    x86_64: ipa-debuginfo-4.6.8-5.el7.x86_64.rpm ipa-server-4.6.8-5.el7.x86_64.rpm ipa-server-trust-ad-4.6.8-5.el7.x86_64.rpm

    Red Hat Enterprise Linux Server (v. 7):

    Source: ipa-4.6.8-5.el7.src.rpm

    noarch: ipa-client-common-4.6.8-5.el7.noarch.rpm ipa-common-4.6.8-5.el7.noarch.rpm ipa-python-compat-4.6.8-5.el7.noarch.rpm ipa-server-common-4.6.8-5.el7.noarch.rpm ipa-server-dns-4.6.8-5.el7.noarch.rpm python2-ipaclient-4.6.8-5.el7.noarch.rpm python2-ipalib-4.6.8-5.el7.noarch.rpm python2-ipaserver-4.6.8-5.el7.noarch.rpm

    ppc64: ipa-client-4.6.8-5.el7.ppc64.rpm ipa-debuginfo-4.6.8-5.el7.ppc64.rpm

    ppc64le: ipa-client-4.6.8-5.el7.ppc64le.rpm ipa-debuginfo-4.6.8-5.el7.ppc64le.rpm

    s390x: ipa-client-4.6.8-5.el7.s390x.rpm ipa-debuginfo-4.6.8-5.el7.s390x.rpm

    x86_64: ipa-client-4.6.8-5.el7.x86_64.rpm ipa-debuginfo-4.6.8-5.el7.x86_64.rpm ipa-server-4.6.8-5.el7.x86_64.rpm ipa-server-trust-ad-4.6.8-5.el7.x86_64.rpm

    Red Hat Enterprise Linux Workstation (v. 7):

    Source: ipa-4.6.8-5.el7.src.rpm

    noarch: ipa-client-common-4.6.8-5.el7.noarch.rpm ipa-common-4.6.8-5.el7.noarch.rpm ipa-python-compat-4.6.8-5.el7.noarch.rpm ipa-server-common-4.6.8-5.el7.noarch.rpm ipa-server-dns-4.6.8-5.el7.noarch.rpm python2-ipaclient-4.6.8-5.el7.noarch.rpm python2-ipalib-4.6.8-5.el7.noarch.rpm python2-ipaserver-4.6.8-5.el7.noarch.rpm

    x86_64: ipa-client-4.6.8-5.el7.x86_64.rpm ipa-debuginfo-4.6.8-5.el7.x86_64.rpm ipa-server-4.6.8-5.el7.x86_64.rpm ipa-server-trust-ad-4.6.8-5.el7.x86_64.rpm

    These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

    1. References:

    https://access.redhat.com/security/cve/CVE-2015-9251 https://access.redhat.com/security/cve/CVE-2016-10735 https://access.redhat.com/security/cve/CVE-2018-14040 https://access.redhat.com/security/cve/CVE-2018-14042 https://access.redhat.com/security/cve/CVE-2018-20676 https://access.redhat.com/security/cve/CVE-2018-20677 https://access.redhat.com/security/cve/CVE-2019-8331 https://access.redhat.com/security/cve/CVE-2019-11358 https://access.redhat.com/security/cve/CVE-2020-1722 https://access.redhat.com/security/cve/CVE-2020-11022 https://access.redhat.com/security/updates/classification/#moderate https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/7.9_release_notes/index

    1. Contact:

    The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/

    Copyright 2020 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1

    iQIVAwUBX3Of/9zjgjWX9erEAQjmHBAAi+u4CgMbaduuYvMAMbNKqT/0X8Y02udQ maW4rfZ6udfHWJ21h1VlD/INXHB3sBFC2vpXsgJD7dTkUsZYIx73LrQFkakTzIWc xSQalxNs+Fjh/ot/JMiKQzQUmZeu/vUYgVB81y+hczg5dys3q1mnu42GWe18sJIc FCY2R3mBTnFUZoc/3JDHeVRJU8eq51oqRgNaz+Fl+CoFkR81P6mD8wybIIAsBx14 Ykya/awQf+OuBCe5tqfTV1+KS2U4+tqiqapzALt7dhjfA9Jayc9/UvQjGCyrmGvP +BBBPSqGOS81jpPo0ouM3OtadWrGAWERMwtrR+POUp1rnMxy2kI0EpebnzSOtJy2 xExPZtcTjjgWvIMDdrJJ5DXG6cP5j3GjyvFknmCtCqvXzo90gw73psi6roG+g/a8 UyML+be8jnJK7571X3dz6OCYBExaHqM21ukUEfdvddszhw92J3fxmDm5+picETB9 dZ++VtV1lCBOlKW1SDG/ggk7PeSRGTDL5IkekopO1w89r3QsfqyFudlsNT0dDgk7 8Kzn8YpCWln1Kp0UbVushKRT+KllZRTKzXTBfiEWiYtQiwyL9zj/DrxagXXbiPe7 5mZnk62sAdKya3On4ejgPQ8Nq8oKHzRfaig/CNaNiB00HgZcRdQokPQ9+DRnkdNS UR3S5ZAZvb8=SWQt -----END PGP SIGNATURE-----

    -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . Hello,

    I identified several vulnerabilities in dotCMS v5.1.1 due to vulnerable open source dependencies. The purpose of this text-only errata is to inform you about the security issues fixed in this release.

    Security Fix(es):

    • HTTP/2: flood using PING frames results in unbounded memory growth (CVE-2019-9512)

    • HTTP/2: flood using PRIORITY frames results in excessive resource consumption (CVE-2019-9513)

    • HTTP/2: flood using HEADERS frames results in unbounded memory growth (CVE-2019-9514)

    • HTTP/2: flood using SETTINGS frames results in unbounded memory growth (CVE-2019-9515)

    • HTTP/2: 0-length headers lead to denial of service (CVE-2019-9516)

    • HTTP/2: request for large response leads to denial of service (CVE-2019-9517)

    • HTTP/2: flood using empty frames results in excessive resource consumption (CVE-2019-9518)

    • infinispan: invokeAccessibly method from ReflectionUtil class allows to invoke private methods (CVE-2019-10174)

    • spring-security-core: mishandling of user passwords allows logging in with a password of NULL (CVE-2019-11272)

    • jackson-databind: failure to block the logback-core class from polymorphic deserialization leading to remote code execution (CVE-2019-12384)

    • jackson-databind: default typing mishandling leading to remote code execution (CVE-2019-14379)

    • xmlrpc: Deserialization of server-side exception from faultCause in XMLRPC error response (CVE-2019-17570)

    • js-jquery: Cross-site scripting via cross-domain ajax requests (CVE-2015-9251)

    • logback: Serialization vulnerability in SocketServer and ServerSocketReceiver (CVE-2017-5929)

    • js-jquery: XSS in responses from cross-origin ajax requests (CVE-2017-16012)

    • apache-commons-compress: ZipArchiveInputStream.read() fails to identify correct EOF allowing for DoS via crafted zip (CVE-2018-11771)

    • spring-data-api: potential information disclosure through maliciously crafted example value in ExampleMatcher (CVE-2019-3802)

    • undertow: leak credentials to log files UndertowLogger.REQUEST_LOGGER.undertowRequestFailed (CVE-2019-3888)

    • shiro: Cookie padding oracle vulnerability with default configuration (CVE-2019-12422)

    • jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server via crafted JSON message. Solution:

    Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.

    Installation instructions are available from the Fuse 7.6.0 product documentation page: https://access.redhat.com/documentation/en-us/red_hat_fuse/7.6/

    1. Bugs fixed (https://bugzilla.redhat.com/):

    1399546 - CVE-2015-9251 js-jquery: Cross-site scripting via cross-domain ajax requests 1432858 - CVE-2017-5929 logback: Serialization vulnerability in SocketServer and ServerSocketReceiver 1591854 - CVE-2017-16012 js-jquery: XSS in responses from cross-origin ajax requests 1618573 - CVE-2018-11771 apache-commons-compress: ZipArchiveInputStream.read() fails to identify correct EOF allowing for DoS via crafted zip 1643043 - CVE-2018-15756 springframework: DoS Attack via Range Requests 1693777 - CVE-2019-3888 undertow: leak credentials to log files UndertowLogger.REQUEST_LOGGER.undertowRequestFailed 1703469 - CVE-2019-10174 infinispan: invokeAccessibly method from ReflectionUtil class allows to invoke private methods 1709860 - CVE-2019-5427 c3p0: loading XML configuration leads to denial of service 1713068 - CVE-2019-10184 undertow: Information leak in requests for directories without trailing slashes 1725795 - CVE-2019-12814 jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server via crafted JSON message. 
1725807 - CVE-2019-12384 jackson-databind: failure to block the logback-core class from polymorphic deserialization leading to remote code execution 1728993 - CVE-2019-11272 spring-security-core: mishandling of user passwords allows logging in with a password of NULL 1730316 - CVE-2019-3802 spring-data-api: potential information disclosure through maliciously crafted example value in ExampleMatcher 1735645 - CVE-2019-9512 HTTP/2: flood using PING frames results in unbounded memory growth 1735741 - CVE-2019-9513 HTTP/2: flood using PRIORITY frames results in excessive resource consumption 1735744 - CVE-2019-9514 HTTP/2: flood using HEADERS frames results in unbounded memory growth 1735745 - CVE-2019-9515 HTTP/2: flood using SETTINGS frames results in unbounded memory growth 1735749 - CVE-2019-9518 HTTP/2: flood using empty frames results in excessive resource consumption 1737517 - CVE-2019-14379 jackson-databind: default typing mishandling leading to remote code execution 1741864 - CVE-2019-9516 HTTP/2: 0-length headers lead to denial of service 1741868 - CVE-2019-9517 HTTP/2: request for large response leads to denial of service 1752962 - CVE-2019-14439 jackson-databind: Polymorphic typing issue related to logback/JNDI 1774726 - CVE-2019-12422 shiro: Cookie padding oracle vulnerability with default configuration 1775193 - CVE-2019-17570 xmlrpc: Deserialization of server-side exception from faultCause in XMLRPC error response

    1. OctoberCMS is a CMS similar to WordPress, but with much less “fluff”. SECURELI.com's team identified the latest version of OctoberCMS relying on Bootstrap 3.3.7, jQuery 1.11.1, and jQuery 3.3.1. All of these dependencies are vulnerable.

    /october/themes/demo/assets/vendor/bootstrap.js

    bootstrap 3.3.7 has known vulnerabilities

    severity: high issue: 28236 summary: XSS in data-template, data-content and data-title properties of tooltip/popover CVE-2019-8331 https://github.com/twbs/bootstrap/issues/28236

    severity: medium issue: 20184 summary: XSS in data-target property of scrollspy CVE-2018-14041 https://github.com/twbs/bootstrap/issues/20184

    severity: medium issue: 20184 summary: XSS in collapse data-parent attribute CVE-2018-14040 https://github.com/twbs/bootstrap/issues/20184

    severity: medium issue: 20184 summary: XSS in data-container property of tooltip CVE-2018-14042 https://github.com/twbs/bootstrap/issues/20184


    /october/themes/demo/assets/vendor/jquery.js

    jquery 1.11.1 has known vulnerabilities

    severity: medium issue: 2432 summary: 3rd party CORS request may execute CVE-2015-9251 https://github.com/jquery/jquery/issues/2432 http://blog.jquery.com/2016/01/08/jquery-2-2-and-1-12-released/ https://nvd.nist.gov/vuln/detail/CVE-2015-9251 http://research.insecurelabs.org/jquery/test/

    severity: medium CVE-2015-9251 issue: 11974 summary: parseHTML() executes scripts in event handlers https://bugs.jquery.com/ticket/11974 https://nvd.nist.gov/vuln/detail/CVE-2015-9251 http://research.insecurelabs.org/jquery/test/

    severity: low CVE-2019-11358 summary: jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, …) because of Object.prototype pollution https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/ https://nvd.nist.gov/vuln/detail/CVE-2019-11358 https://github.com/jquery/jquery/commit/753d591aea698e57d6db58c9f722cd0808619b1b


    /october/modules/backend/assets/js/vendor/jquery-and-migrate.min.js

    jquery 3.3.1 has known vulnerabilities

    severity: low CVE-2019-11358 summary: jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, …) because of Object.prototype pollution https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/ https://nvd.nist.gov/vuln/detail/CVE-2019-11358 https://github.com/jquery/jquery/commit/753d591aea698e57d6db58c9f722cd0808619b1b

    All of these vulnerabilities were identified using RetireJS (https://retirejs.github.io/retire.js/), which identifies open source dependency vulnerabilities.

    Research provided by SECURELI.com


    {
      "affected_products": {
        "_id": null,
        "data": [
          {
            "_id": null,
            "model": "jdeveloper",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "12.2.1.3.0"
          },
          {
            "_id": null,
            "model": "agile product lifecycle management for process",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "6.2.3.1"
          },
          {
            "_id": null,
            "model": "enterprise manager ops center",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "12.2.2"
          },
          {
            "_id": null,
            "model": "endeca information discovery studio",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "3.2.0"
          },
          {
            "_id": null,
            "model": "financial services loan loss forecasting and provisioning",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "8.0.7"
          },
          {
            "_id": null,
            "model": "communications interactive session recorder",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "6.2"
          },
          {
            "_id": null,
            "model": "primavera unifier",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "16.1"
          },
          {
            "_id": null,
            "model": "healthcare foundation",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "7.1"
          },
          {
            "_id": null,
            "model": "hospitality guest access",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "4.2.1"
          },
          {
            "_id": null,
            "model": "hospitality materials control",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "18.1"
          },
          {
            "_id": null,
            "model": "banking platform",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "2.6.1"
          },
          {
            "_id": null,
            "model": "hospitality cruise fleet management",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "9.0.11"
          },
          {
            "_id": null,
            "model": "financial services asset liability management",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "8.0.7"
          },
          {
            "_id": null,
            "model": "financial services profitability management",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "8.0.6"
          },
          {
            "_id": null,
            "model": "primavera gateway",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "17.12"
          },
          {
            "_id": null,
            "model": "financial services profitability management",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "8.0.4"
          },
          {
            "_id": null,
            "model": "agile product lifecycle management for process",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "6.2.0.0"
          },
          {
            "_id": null,
            "model": "financial services analytical applications infrastructure",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "7.3.5"
          },
          {
            "_id": null,
            "model": "peoplesoft enterprise peopletools",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "8.55"
          },
          {
            "_id": null,
            "model": "utilities framework",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "4.3.0.4"
          },
          {
            "_id": null,
            "model": "service bus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "12.2.1.3.0"
          },
          {
            "_id": null,
            "model": "retail invoice matching",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "15.0"
          },
          {
            "_id": null,
            "model": "business process management suite",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "12.2.1.3.0"
          },
          {
            "_id": null,
            "model": "oss support tools",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "19.1"
          },
          {
            "_id": null,
            "model": "retail customer insights",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "15.0"
          },
          {
            "_id": null,
            "model": "financial services asset liability management",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "8.0.4"
          },
          {
            "_id": null,
            "model": "weblogic server",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "12.1.3.0"
          },
          {
            "_id": null,
            "model": "banking platform",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "2.6.0"
          },
          {
            "_id": null,
            "model": "fusion middleware mapviewer",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "12.2.1.3.0"
          },
          {
            "_id": null,
            "model": "financial services data integration hub",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "8.0.7"
          },
          {
            "_id": null,
            "model": "enterprise operations monitor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "3.4"
          },
          {
            "_id": null,
            "model": "healthcare translational research",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "3.1.0"
          },
          {
            "_id": null,
            "model": "hospitality guest access",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "4.2.0"
          },
          {
            "_id": null,
            "model": "banking platform",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "2.6.2"
          },
          {
            "_id": null,
            "model": "financial services reconciliation framework",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "8.0.6"
          },
          {
            "_id": null,
            "model": "agile product lifecycle management for process",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "6.2.3.0"
          },
          {
            "_id": null,
            "model": "communications converged application server",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "7.0.0.1"
          },
          {
            "_id": null,
            "model": "retail sales audit",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "15.0"
          },
          {
            "_id": null,
            "model": "agile product lifecycle management for process",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "6.2.1.0"
          },
          {
            "_id": null,
            "model": "financial services reconciliation framework",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "8.0.5"
          },
          {
            "_id": null,
            "model": "primavera gateway",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "15.2"
          },
          {
            "_id": null,
            "model": "agile product lifecycle management for process",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "6.2.2.0"
          },
          {
            "_id": null,
            "model": "endeca information discovery studio",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "3.1.0"
          },
          {
            "_id": null,
            "model": "siebel ui framework",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "18.10"
          },
          {
            "_id": null,
            "model": "financial services market risk measurement and management",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "8.0.6"
          },
          {
            "_id": null,
            "model": "retail customer insights",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "16.0"
          },
          {
            "_id": null,
            "model": "utilities framework",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "4.3.0.1"
          },
          {
            "_id": null,
            "model": "financial services funds transfer pricing",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "8.0.7"
          },
          {
            "_id": null,
            "model": "communications interactive session recorder",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "6.1"
          },
          {
            "_id": null,
            "model": "primavera gateway",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "16.2"
          },
          {
            "_id": null,
            "model": "financial services market risk measurement and management",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "8.0.5"
          },
          {
            "_id": null,
            "model": "hospitality reporting and analytics",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "9.1.0"
          },
          {
            "_id": null,
            "model": "jdeveloper",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "12.1.3.0.0"
          },
          {
            "_id": null,
            "model": "retail allocation",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "15.0.2"
          },
          {
            "_id": null,
            "model": "weblogic server",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "12.2.1.3"
          },
          {
            "_id": null,
            "model": "insurance insbridge rating and underwriting",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "5.5"
          },
          {
            "_id": null,
            "model": "primavera unifier",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "17.1"
          },
          {
            "_id": null,
            "model": "primavera unifier",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "17.12"
          },
          {
            "_id": null,
            "model": "jquery",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "jquery",
            "version": "3.0.0"
          },
          {
            "_id": null,
            "model": "peoplesoft enterprise peopletools",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "8.56"
          },
          {
            "_id": null,
            "model": "peoplesoft enterprise peopletools",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "8.57"
          },
          {
            "_id": null,
            "model": "communications interactive session recorder",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "insurance insbridge rating and underwriting",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "5.4"
          },
          {
            "_id": null,
            "model": "business process management suite",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "11.1.1.9.0"
          },
          {
            "_id": null,
            "model": "utilities mobile workforce management",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "2.3.0"
          },
          {
            "_id": null,
            "model": "financial services loan loss forecasting and provisioning",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "8.0.2"
          },
          {
            "_id": null,
            "model": "retail workforce management software",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "1.60.9"
          },
          {
            "_id": null,
            "model": "communications webrtc session controller",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "7.2"
          },
          {
            "_id": null,
            "model": "financial services hedge management and ifrs valuations",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "8.0.7"
          },
          {
            "_id": null,
            "model": "enterprise operations monitor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "healthcare foundation",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "7.2"
          },
          {
            "_id": null,
            "model": "webcenter sites",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "11.1.1.8.0"
          },
          {
            "_id": null,
            "model": "retail workforce management software",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "1.64.0"
          },
          {
            "_id": null,
            "model": "financial services data integration hub",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "8.0.5"
          },
          {
            "_id": null,
            "model": "financial services analytical applications infrastructure",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "8.0.7"
          },
          {
            "_id": null,
            "model": "financial services funds transfer pricing",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "8.0.4"
          },
          {
            "_id": null,
            "model": "primavera unifier",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "16.2"
          },
          {
            "_id": null,
            "model": "primavera unifier",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "18.8"
          },
          {
            "_id": null,
            "model": "service bus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "12.1.3.0.0"
          },
          {
            "_id": null,
            "model": "financial services liquidity risk management",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "8.0.2"
          },
          {
            "_id": null,
            "model": "siebel ui framework",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "18.11"
          },
          {
            "_id": null,
            "model": "financial services analytical applications infrastructure",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "7.3.3"
          },
          {
            "_id": null,
            "model": "business process management suite",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "12.1.3.0.0"
          },
          {
            "_id": null,
            "model": "financial services liquidity risk management",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "8.0.6"
          },
          {
            "_id": null,
            "model": "jdeveloper",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "11.1.1.9.0"
          },
          {
            "_id": null,
            "model": "financial services hedge management and ifrs valuations",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "8.0.4"
          },
          {
            "_id": null,
            "model": "communications services gatekeeper",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "6.1.0.4.0"
          },
          {
            "_id": null,
            "model": "financial services analytical applications infrastructure",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "8.0.0"
          },
          {
            "_id": null,
            "model": "insurance insbridge rating and underwriting",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "5.2"
          },
          {
            "_id": null,
            "model": "jd edwards enterpriseone tools",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "9.2"
          },
          {
            "_id": null,
            "model": "enterprise manager ops center",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "12.3.3"
          },
          {
            "_id": null,
            "model": "real-time scheduler",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "2.3.0"
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2015-9251"
          }
        ]
      },
      "credits": {
        "_id": null,
        "data": "Red Hat",
        "sources": [
          {
            "db": "PACKETSTORM",
            "id": "159852"
          },
          {
            "db": "PACKETSTORM",
            "id": "170821"
          },
          {
            "db": "PACKETSTORM",
            "id": "170817"
          },
          {
            "db": "PACKETSTORM",
            "id": "159876"
          },
          {
            "db": "PACKETSTORM",
            "id": "159353"
          },
          {
            "db": "PACKETSTORM",
            "id": "156941"
          }
        ],
        "trust": 0.6
      },
      "cve": "CVE-2015-9251",
      "cvss": {
        "_id": null,
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 4.3,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 8.6,
                "id": "CVE-2015-9251",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.0,
                "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "NONE",
                "baseScore": 4.3,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 8.6,
                "id": "VHN-87212",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.1,
                "vectorString": "AV:N/AC:M/AU:N/C:N/I:P/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 6.1,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "exploitabilityScore": 2.8,
                "id": "CVE-2015-9251",
                "impactScore": 2.7,
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "trust": 1.0,
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2015-9251",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "VULHUB",
                "id": "VHN-87212",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-87212"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-9251"
          }
        ]
      },
      "description": {
        "_id": null,
        "data": "jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed. jQuery is an open source, cross-browser JavaScript library developed by American programmer John Resig. The library simplifies the interaction between HTML and JavaScript, and is modular and extensible through plug-ins. A cross-site scripting vulnerability exists in jQuery versions prior to 3.0.0. The vulnerability stems from the lack of correct validation of client data in web applications. An attacker could exploit this vulnerability to execute client-side code. 8) - aarch64, noarch, ppc64le, s390x, x86_64\n\n3. Description:\n\nThe Public Key Infrastructure (PKI) Core contains fundamental packages\nrequired by Red Hat Certificate System. \n1732565 - CVE-2019-10221 pki-core: Reflected XSS in getcookies?url= endpoint in CA\n1732981 - When nuxwdog is enabled pkidaemon status shows instances as stopped. Description:\n\nRed Hat JBoss Enterprise Application Platform 7 is a platform for Java\napplications based on the WildFly application runtime. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. 
JIRA issues fixed (https://issues.jboss.org/):\n\nJBEAP-23864 - (7.4.z) Upgrade xmlsec from 2.1.7.redhat-00001 to 2.2.3.redhat-00001\nJBEAP-23865 - [GSS](7.4.z) Upgrade Apache CXF from 3.3.13.redhat-00001 to 3.4.10.redhat-00001\nJBEAP-23866 - (7.4.z) Upgrade wss4j from 2.2.7.redhat-00001 to 2.3.3.redhat-00001\nJBEAP-23926 - Tracker bug for the EAP 7.4.9 release for RHEL-7\nJBEAP-24055 - (7.4.z) Upgrade HAL from 3.3.15.Final-redhat-00001 to 3.3.16.Final-redhat-00001\nJBEAP-24081 - (7.4.z) Upgrade Elytron from 1.15.14.Final-redhat-00001 to 1.15.15.Final-redhat-00001\nJBEAP-24095 - (7.4.z) Upgrade elytron-web from 1.9.2.Final-redhat-00001 to 1.9.3.Final-redhat-00001\nJBEAP-24100 - [GSS](7.4.z) Upgrade Undertow from 2.2.20.SP1-redhat-00001 to 2.2.22.SP3-redhat-00001\nJBEAP-24127 - (7.4.z) UNDERTOW-2123 - Update AsyncContextImpl.dispatch to use proper value\nJBEAP-24128 - (7.4.z) Upgrade Hibernate Search from 5.10.7.Final-redhat-00001 to 5.10.13.Final-redhat-00001\nJBEAP-24132 - [GSS](7.4.z) Upgrade Ironjacamar from 1.5.3.SP2-redhat-00001 to 1.5.10.Final-redhat-00001\nJBEAP-24147 - (7.4.z) Upgrade jboss-ejb-client from 4.0.45.Final-redhat-00001 to 4.0.49.Final-redhat-00001\nJBEAP-24167 - (7.4.z) Upgrade WildFly Core from 15.0.19.Final-redhat-00001 to 15.0.21.Final-redhat-00002\nJBEAP-24191 - [GSS](7.4.z) Upgrade remoting from 5.0.26.SP1-redhat-00001 to 5.0.27.Final-redhat-00001\nJBEAP-24195 - [GSS](7.4.z) Upgrade JSF API from 3.0.0.SP06-redhat-00001 to 3.0.0.SP07-redhat-00001\nJBEAP-24207 - (7.4.z) Upgrade Soteria from 1.0.1.redhat-00002 to 1.0.1.redhat-00003\nJBEAP-24248 - (7.4.z) ELY-2492 - Upgrade sshd-common in Elytron from 2.7.0 to 2.9.2\nJBEAP-24426 - (7.4.z) Upgrade Elytron from 1.15.15.Final-redhat-00001 to 1.15.16.Final-redhat-00001\nJBEAP-24427 - (7.4.z) Upgrade WildFly Core from 15.0.21.Final-redhat-00002 to 15.0.22.Final-redhat-00001\n\n7. \n1879604 - pkispawn logs files are empty\n\n6. 
-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n====================================================================                   \nRed Hat Security Advisory\n\nSynopsis:          Moderate: ipa security, bug fix, and enhancement update\nAdvisory ID:       RHSA-2020:3936-01\nProduct:           Red Hat Enterprise Linux\nAdvisory URL:      https://access.redhat.com/errata/RHSA-2020:3936\nIssue date:        2020-09-29\nCVE Names:         CVE-2015-9251 CVE-2016-10735 CVE-2018-14040\n                   CVE-2018-14042 CVE-2018-20676 CVE-2018-20677\n                   CVE-2019-8331 CVE-2019-11358 CVE-2020-1722\n                   CVE-2020-11022\n====================================================================\n1. Summary:\n\nAn update for ipa is now available for Red Hat Enterprise Linux 7. \n\nRed Hat Product Security has rated this update as having a security impact\nof Moderate. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available for each vulnerability from\nthe CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Client (v. 7) - noarch, x86_64\nRed Hat Enterprise Linux Client Optional (v. 7) - noarch, x86_64\nRed Hat Enterprise Linux ComputeNode (v. 7) - noarch, x86_64\nRed Hat Enterprise Linux ComputeNode Optional (v. 7) - noarch, x86_64\nRed Hat Enterprise Linux Server (v. 7) - noarch, ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64\n\n3. Description:\n\nRed Hat Identity Management (IdM) is a centralized authentication, identity\nmanagement, and authorization solution for both traditional and cloud-based\nenterprise environments. \n\nThe following packages have been upgraded to a later upstream version: ipa\n(4.6.8). 
(BZ#1819725)\n\nSecurity Fix(es):\n\n* js-jquery: Cross-site scripting via cross-domain ajax requests\n(CVE-2015-9251)\n\n* bootstrap: XSS in the data-target attribute (CVE-2016-10735)\n\n* bootstrap: Cross-site Scripting (XSS) in the collapse data-parent\nattribute (CVE-2018-14040)\n\n* bootstrap: Cross-site Scripting (XSS) in the data-container property of\ntooltip. (CVE-2018-14042)\n\n* bootstrap: XSS in the tooltip data-viewport attribute (CVE-2018-20676)\n\n* bootstrap: XSS in the affix configuration target property\n(CVE-2018-20677)\n\n* bootstrap: XSS in the tooltip or popover data-template attribute\n(CVE-2019-8331)\n\n* js-jquery: prototype pollution in object\u0027s prototype leading to denial of\nservice or remote code execution or property injection (CVE-2019-11358)\n\n* jquery: Cross-site scripting due to improper injQuery.htmlPrefilter\nmethod (CVE-2020-11022)\n\n* ipa: No password length restriction leads to denial of service\n(CVE-2020-1722)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section. \n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat\nEnterprise Linux 7.9 Release Notes linked from the References section. \n\n4. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1399546 - CVE-2015-9251 js-jquery: Cross-site scripting via cross-domain ajax requests\n1404770 - ID Views: do not allow custom Views for the masters\n1545755 - ipa-replica-prepare should not update pki admin password. \n1601614 - CVE-2018-14040 bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute\n1601617 - CVE-2018-14042 bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip. 
\n1668082 - CVE-2018-20676 bootstrap: XSS in the tooltip data-viewport attribute\n1668089 - CVE-2018-20677 bootstrap: XSS in the affix configuration target property\n1668097 - CVE-2016-10735 bootstrap: XSS in the data-target attribute\n1686454 - CVE-2019-8331 bootstrap: XSS in the tooltip or popover data-template attribute\n1701972 - CVE-2019-11358 js-jquery: prototype pollution in object\u0027s prototype leading to denial of service or remote code execution or property injection\n1754902 - Running ipa-server-install fails when RHEL 7.7 packages are installed on RHEL 7.6\n1755535 - ipa-advise on a RHEL7 IdM server is not able to generate a configuration script for a RHEL8 IdM client\n1756568 - ipa-server-certinstall man page does not match built-in help. \n1758406 - KRA authentication fails when IPA CA has custom Subject DN\n1769791 - Invisible part of notification area in Web UI intercepts clicks of some page elements\n1771356 - Default client configuration breaks ssh in FIPS mode. \n1780548 - Man page ipa-cacert-manage does not display correctly on RHEL\n1782587 - add \"systemctl restart sssd\" to warning message when adding trust agents to replicas\n1788718 - ipa-server-install incorrectly setting slew mode (-x) when setting up ntpd\n1788907 - Renewed certs are not picked up by IPA CAs\n1793071 - CVE-2020-1722 ipa: No password length restriction leads to denial of service\n1795890 - ipa-pkinit-manage enable fails on replica if it doesn\u0027t host the CA\n1801791 - Compatibility Schema difference in functionality for systems following RHEL 7.5 -\u003e 7.6 upgrade path as opposed to new RHEL 7.6 systems\n1817886 - ipa group-add-member: prevent adding IPA objects as external members\n1817918 - Secure tomcat AJP connector\n1817919 - Enable compat tree to provide information about AD users and groups on trust agents\n1817922 - covscan memory leaks report\n1817923 - IPA upgrade is failing with error \"Failed to get request: bus, object_path and dbus_interface must 
not be None.\"\n1817927 - host-add --password logs cleartext userpassword to Apache error log\n1819725 - Rebase IPA to latest 4.6.x version\n1825829 - ipa-advise on a RHEL7 IdM server generate a configuration script for client having hardcoded python3\n1828406 - CVE-2020-11022 jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method\n1829787 - ipa service-del deletes the required principal when specified in lower/upper case\n1834385 - Man page syntax issue detected by rpminspect\n1842950 - ipa-adtrust-install fails when replica is offline\n\n6. Package List:\n\nRed Hat Enterprise Linux Client (v. 7):\n\nSource:\nipa-4.6.8-5.el7.src.rpm\n\nnoarch:\nipa-client-common-4.6.8-5.el7.noarch.rpm\nipa-common-4.6.8-5.el7.noarch.rpm\nipa-python-compat-4.6.8-5.el7.noarch.rpm\npython2-ipaclient-4.6.8-5.el7.noarch.rpm\npython2-ipalib-4.6.8-5.el7.noarch.rpm\n\nx86_64:\nipa-client-4.6.8-5.el7.x86_64.rpm\nipa-debuginfo-4.6.8-5.el7.x86_64.rpm\n\nRed Hat Enterprise Linux Client Optional (v. 7):\n\nnoarch:\nipa-server-common-4.6.8-5.el7.noarch.rpm\nipa-server-dns-4.6.8-5.el7.noarch.rpm\npython2-ipaserver-4.6.8-5.el7.noarch.rpm\n\nx86_64:\nipa-debuginfo-4.6.8-5.el7.x86_64.rpm\nipa-server-4.6.8-5.el7.x86_64.rpm\nipa-server-trust-ad-4.6.8-5.el7.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode (v. 7):\n\nSource:\nipa-4.6.8-5.el7.src.rpm\n\nnoarch:\nipa-client-common-4.6.8-5.el7.noarch.rpm\nipa-common-4.6.8-5.el7.noarch.rpm\nipa-python-compat-4.6.8-5.el7.noarch.rpm\npython2-ipaclient-4.6.8-5.el7.noarch.rpm\npython2-ipalib-4.6.8-5.el7.noarch.rpm\n\nx86_64:\nipa-client-4.6.8-5.el7.x86_64.rpm\nipa-debuginfo-4.6.8-5.el7.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode Optional (v. 
7):\n\nnoarch:\nipa-server-common-4.6.8-5.el7.noarch.rpm\nipa-server-dns-4.6.8-5.el7.noarch.rpm\npython2-ipaserver-4.6.8-5.el7.noarch.rpm\n\nx86_64:\nipa-debuginfo-4.6.8-5.el7.x86_64.rpm\nipa-server-4.6.8-5.el7.x86_64.rpm\nipa-server-trust-ad-4.6.8-5.el7.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 7):\n\nSource:\nipa-4.6.8-5.el7.src.rpm\n\nnoarch:\nipa-client-common-4.6.8-5.el7.noarch.rpm\nipa-common-4.6.8-5.el7.noarch.rpm\nipa-python-compat-4.6.8-5.el7.noarch.rpm\nipa-server-common-4.6.8-5.el7.noarch.rpm\nipa-server-dns-4.6.8-5.el7.noarch.rpm\npython2-ipaclient-4.6.8-5.el7.noarch.rpm\npython2-ipalib-4.6.8-5.el7.noarch.rpm\npython2-ipaserver-4.6.8-5.el7.noarch.rpm\n\nppc64:\nipa-client-4.6.8-5.el7.ppc64.rpm\nipa-debuginfo-4.6.8-5.el7.ppc64.rpm\n\nppc64le:\nipa-client-4.6.8-5.el7.ppc64le.rpm\nipa-debuginfo-4.6.8-5.el7.ppc64le.rpm\n\ns390x:\nipa-client-4.6.8-5.el7.s390x.rpm\nipa-debuginfo-4.6.8-5.el7.s390x.rpm\n\nx86_64:\nipa-client-4.6.8-5.el7.x86_64.rpm\nipa-debuginfo-4.6.8-5.el7.x86_64.rpm\nipa-server-4.6.8-5.el7.x86_64.rpm\nipa-server-trust-ad-4.6.8-5.el7.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 7):\n\nSource:\nipa-4.6.8-5.el7.src.rpm\n\nnoarch:\nipa-client-common-4.6.8-5.el7.noarch.rpm\nipa-common-4.6.8-5.el7.noarch.rpm\nipa-python-compat-4.6.8-5.el7.noarch.rpm\nipa-server-common-4.6.8-5.el7.noarch.rpm\nipa-server-dns-4.6.8-5.el7.noarch.rpm\npython2-ipaclient-4.6.8-5.el7.noarch.rpm\npython2-ipalib-4.6.8-5.el7.noarch.rpm\npython2-ipaserver-4.6.8-5.el7.noarch.rpm\n\nx86_64:\nipa-client-4.6.8-5.el7.x86_64.rpm\nipa-debuginfo-4.6.8-5.el7.x86_64.rpm\nipa-server-4.6.8-5.el7.x86_64.rpm\nipa-server-trust-ad-4.6.8-5.el7.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security.  Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. 
References:\n\nhttps://access.redhat.com/security/cve/CVE-2015-9251\nhttps://access.redhat.com/security/cve/CVE-2016-10735\nhttps://access.redhat.com/security/cve/CVE-2018-14040\nhttps://access.redhat.com/security/cve/CVE-2018-14042\nhttps://access.redhat.com/security/cve/CVE-2018-20676\nhttps://access.redhat.com/security/cve/CVE-2018-20677\nhttps://access.redhat.com/security/cve/CVE-2019-8331\nhttps://access.redhat.com/security/cve/CVE-2019-11358\nhttps://access.redhat.com/security/cve/CVE-2020-1722\nhttps://access.redhat.com/security/cve/CVE-2020-11022\nhttps://access.redhat.com/security/updates/classification/#moderate\nhttps://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/7.9_release_notes/index\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2020 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niQIVAwUBX3Of/9zjgjWX9erEAQjmHBAAi+u4CgMbaduuYvMAMbNKqT/0X8Y02udQ\nmaW4rfZ6udfHWJ21h1VlD/INXHB3sBFC2vpXsgJD7dTkUsZYIx73LrQFkakTzIWc\nxSQalxNs+Fjh/ot/JMiKQzQUmZeu/vUYgVB81y+hczg5dys3q1mnu42GWe18sJIc\nFCY2R3mBTnFUZoc/3JDHeVRJU8eq51oqRgNaz+Fl+CoFkR81P6mD8wybIIAsBx14\nYkya/awQf+OuBCe5tqfTV1+KS2U4+tqiqapzALt7dhjfA9Jayc9/UvQjGCyrmGvP\n+BBBPSqGOS81jpPo0ouM3OtadWrGAWERMwtrR+POUp1rnMxy2kI0EpebnzSOtJy2\nxExPZtcTjjgWvIMDdrJJ5DXG6cP5j3GjyvFknmCtCqvXzo90gw73psi6roG+g/a8\nUyML+be8jnJK7571X3dz6OCYBExaHqM21ukUEfdvddszhw92J3fxmDm5+picETB9\ndZ++VtV1lCBOlKW1SDG/ggk7PeSRGTDL5IkekopO1w89r3QsfqyFudlsNT0dDgk7\n8Kzn8YpCWln1Kp0UbVushKRT+KllZRTKzXTBfiEWiYtQiwyL9zj/DrxagXXbiPe7\n5mZnk62sAdKya3On4ejgPQ8Nq8oKHzRfaig/CNaNiB00HgZcRdQokPQ9+DRnkdNS\nUR3S5ZAZvb8=SWQt\n-----END PGP SIGNATURE-----\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. Hello,\n\nI identified several vulnerabilities in dotCMS v5.1.1 due to vulnerable\nopen source dependencies. 
\nThe purpose of this text-only errata is to inform you about the security\nissues fixed in this release. \n\nSecurity Fix(es):\n\n* HTTP/2: flood using PING frames results in unbounded memory growth\n(CVE-2019-9512)\n\n* HTTP/2: flood using PRIORITY frames results in excessive resource\nconsumption (CVE-2019-9513)\n\n* HTTP/2: flood using HEADERS frames results in unbounded memory growth\n(CVE-2019-9514)\n\n* HTTP/2: flood using SETTINGS frames results in unbounded memory growth\n(CVE-2019-9515)\n\n* HTTP/2: 0-length headers lead to denial of service (CVE-2019-9516)\n\n* HTTP/2: request for large response leads to denial of service\n(CVE-2019-9517)\n\n* HTTP/2: flood using empty frames results in excessive resource\nconsumption (CVE-2019-9518)\n\n* infinispan: invokeAccessibly method from ReflectionUtil class allows to\ninvoke private methods (CVE-2019-10174)\n\n* spring-security-core: mishandling of user passwords allows logging in\nwith a password of NULL (CVE-2019-11272)\n\n* jackson-databind: failure to block the logback-core class from\npolymorphic deserialization leading to remote code execution\n(CVE-2019-12384)\n\n* jackson-databind: default typing mishandling leading to remote code\nexecution (CVE-2019-14379)\n\n* xmlrpc: Deserialization of server-side exception from faultCause in\nXMLRPC error response (CVE-2019-17570)\n\n* js-jquery: Cross-site scripting via cross-domain ajax requests\n(CVE-2015-9251)\n\n* logback: Serialization vulnerability in SocketServer and\nServerSocketReceiver (CVE-2017-5929)\n\n* js-jquery: XSS in responses from cross-origin ajax requests\n(CVE-2017-16012)\n\n* apache-commons-compress: ZipArchiveInputStream.read() fails to identify\ncorrect EOF allowing for DoS via crafted zip (CVE-2018-11771)\n\n* spring-data-api: potential information disclosure through maliciously\ncrafted example value in ExampleMatcher (CVE-2019-3802)\n\n* undertow: leak credentials to log files\nUndertowLogger.REQUEST_LOGGER.undertowRequestFailed 
(CVE-2019-3888)\n\n* shiro: Cookie padding oracle vulnerability with default configuration\n(CVE-2019-12422)\n\n* jackson-databind: polymorphic typing issue allows attacker to read\narbitrary local files on the server via crafted JSON message. Solution:\n\nBefore applying the update, back up your existing installation, including\nall applications, configuration files, databases and database settings, and\nso on. \n\nInstallation instructions are available from the Fuse 7.6.0 product\ndocumentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.6/\n\n4. Bugs fixed (https://bugzilla.redhat.com/):\n\n1399546 - CVE-2015-9251 js-jquery: Cross-site scripting via cross-domain ajax requests\n1432858 - CVE-2017-5929 logback: Serialization vulnerability in SocketServer and ServerSocketReceiver\n1591854 - CVE-2017-16012 js-jquery: XSS in responses from cross-origin ajax requests\n1618573 - CVE-2018-11771 apache-commons-compress: ZipArchiveInputStream.read() fails to identify correct EOF allowing for DoS via crafted zip\n1643043 - CVE-2018-15756 springframework: DoS Attack via Range Requests\n1693777 - CVE-2019-3888 undertow: leak credentials to log files UndertowLogger.REQUEST_LOGGER.undertowRequestFailed\n1703469 - CVE-2019-10174 infinispan: invokeAccessibly method from ReflectionUtil class allows to invoke private methods\n1709860 - CVE-2019-5427 c3p0: loading XML configuration leads to denial of service\n1713068 - CVE-2019-10184 undertow: Information leak in requests for directories without trailing slashes\n1725795 - CVE-2019-12814 jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server via crafted JSON message. 
\n1725807 - CVE-2019-12384 jackson-databind: failure to block the logback-core class from polymorphic deserialization leading to remote code execution\n1728993 - CVE-2019-11272 spring-security-core: mishandling of user passwords allows logging in with a password of NULL\n1730316 - CVE-2019-3802 spring-data-api: potential information disclosure through maliciously crafted example value in ExampleMatcher\n1735645 - CVE-2019-9512 HTTP/2: flood using PING frames results in unbounded memory growth\n1735741 - CVE-2019-9513 HTTP/2: flood using PRIORITY frames results in excessive resource consumption\n1735744 - CVE-2019-9514 HTTP/2: flood using HEADERS frames results in unbounded memory growth\n1735745 - CVE-2019-9515 HTTP/2: flood using SETTINGS frames results in unbounded memory growth\n1735749 - CVE-2019-9518 HTTP/2: flood using empty frames results in excessive resource consumption\n1737517 - CVE-2019-14379 jackson-databind: default typing mishandling leading to remote code execution\n1741864 - CVE-2019-9516 HTTP/2: 0-length headers lead to denial of service\n1741868 - CVE-2019-9517 HTTP/2: request for large response leads to denial of service\n1752962 - CVE-2019-14439 jackson-databind: Polymorphic typing issue related to logback/JNDI\n1774726 - CVE-2019-12422 shiro: Cookie padding oracle vulnerability with default configuration\n1775193 - CVE-2019-17570 xmlrpc: Deserialization of server-side exception from faultCause in XMLRPC error response\n\n5. OctoberCMS is a CMS similar to WordPress, but with much less \u201cfluff\u201d. SECURELI.com\u0027s team identified the latest version of OctoberCMS relying on Bootstrap 3.3.7, jQuery 1.11.1, and jQuery 3.3.1. All of these dependencies are vulnerable. 
\n\n\n\n--------------------------------------------------\n/october/themes/demo/assets/vendor/bootstrap.js\n\n\nbootstrap 3.3.7 has known vulnerabilities\nseverity: high\nissue: 28236\nsummary: XSS in data-template, data-content and data-title properties of tooltip/popover\n\nCVE-2019-8331\nhttps://github.com/twbs/bootstrap/issues/28236 \nseverity: medium\nissue: 20184\nsummary: XSS in data-target property of scrollspy\n\nCVE-2018-14041\nhttps://github.com/twbs/bootstrap/issues/20184 \nseverity: medium\nissue: 20184\nsummary: XSS in collapse data-parent attribute\n\nCVE-2018-14040\nhttps://github.com/twbs/bootstrap/issues/20184 \nseverity: medium\nissue: 20184\nsummary: XSS in data-container property of tooltip\n\nCVE-2018-14042\nhttps://github.com/twbs/bootstrap/issues/20184 \n\n\n\n--------------------------------------------------\n/october/themes/demo/assets/vendor/jquery.js\n\njquery 1.11.1 has known vulnerabilities\nseverity: medium\nissue: 2432\nsummary: 3rd party CORS request may execute\n\nCVE-2015-9251\n\nhttps://github.com/jquery/jquery/issues/2432\nhttp://blog.jquery.com/2016/01/08/jquery-2-2-and-1-12-released/\nhttps://nvd.nist.gov/vuln/detail/CVE-2015-9251\nhttp://research.insecurelabs.org/jquery/test/ \nseverity: medium\n\nCVE-2015-9251\nissue: 11974\nsummary: parseHTML() executes scripts in event handlers\n\nhttps://bugs.jquery.com/ticket/11974\nhttps://nvd.nist.gov/vuln/detail/CVE-2015-9251\nhttp://research.insecurelabs.org/jquery/test/ \nseverity: low\n\nCVE-2019-11358\nsummary: jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, \u2026) because of Object.prototype pollution\n\nhttps://blog.jquery.com/2019/04/10/jquery-3-4-0-released/\nhttps://nvd.nist.gov/vuln/detail/CVE-2019-11358\nhttps://github.com/jquery/jquery/commit/753d591aea698e57d6db58c9f722cd0808619b1b 
\n\n\n\n--------------------------------------------------\n/october/modules/backend/assets/js/vendor/jquery-and-migrate.min.js\n\njquery 3.3.1 has known vulnerabilities\nseverity: low\n\nCVE-2019-11358\nsummary: jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, \u2026) because of Object.prototype pollution\n\nhttps://blog.jquery.com/2019/04/10/jquery-3-4-0-released/\nhttps://nvd.nist.gov/vuln/detail/CVE-2019-11358\nhttps://github.com/jquery/jquery/commit/753d591aea698e57d6db58c9f722cd0808619b1b \n\nAll of these vulnerabilities were identified using RetireJS (https://retirejs.github.io/retire.js/), which identifies open source dependency vulnerabilities. \n\n\n\nResearch provided by SECURELI.com\n",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2015-9251"
          },
          {
            "db": "VULHUB",
            "id": "VHN-87212"
          },
          {
            "db": "PACKETSTORM",
            "id": "159852"
          },
          {
            "db": "PACKETSTORM",
            "id": "170821"
          },
          {
            "db": "PACKETSTORM",
            "id": "170817"
          },
          {
            "db": "PACKETSTORM",
            "id": "159876"
          },
          {
            "db": "PACKETSTORM",
            "id": "159353"
          },
          {
            "db": "PACKETSTORM",
            "id": "152787"
          },
          {
            "db": "PACKETSTORM",
            "id": "156941"
          },
          {
            "db": "PACKETSTORM",
            "id": "156743"
          }
        ],
        "trust": 1.71
      },
      "external_ids": {
        "_id": null,
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2015-9251",
            "trust": 1.9
          },
          {
            "db": "PACKETSTORM",
            "id": "156743",
            "trust": 1.2
          },
          {
            "db": "PACKETSTORM",
            "id": "152787",
            "trust": 1.2
          },
          {
            "db": "PACKETSTORM",
            "id": "153237",
            "trust": 1.1
          },
          {
            "db": "TENABLE",
            "id": "TNS-2019-08",
            "trust": 1.1
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-18-212-04",
            "trust": 1.1
          },
          {
            "db": "PULSESECURE",
            "id": "SA44601",
            "trust": 1.1
          },
          {
            "db": "BID",
            "id": "105658",
            "trust": 1.1
          },
          {
            "db": "PACKETSTORM",
            "id": "159353",
            "trust": 0.2
          },
          {
            "db": "PACKETSTORM",
            "id": "170817",
            "trust": 0.2
          },
          {
            "db": "PACKETSTORM",
            "id": "159876",
            "trust": 0.2
          },
          {
            "db": "PACKETSTORM",
            "id": "159852",
            "trust": 0.2
          },
          {
            "db": "PACKETSTORM",
            "id": "170821",
            "trust": 0.2
          },
          {
            "db": "PACKETSTORM",
            "id": "156941",
            "trust": 0.2
          },
          {
            "db": "PACKETSTORM",
            "id": "156315",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "170819",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "170823",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "156630",
            "trust": 0.1
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201801-798",
            "trust": 0.1
          },
          {
            "db": "SEEBUG",
            "id": "SSVID-98926",
            "trust": 0.1
          },
          {
            "db": "VULHUB",
            "id": "VHN-87212",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-87212"
          },
          {
            "db": "PACKETSTORM",
            "id": "159852"
          },
          {
            "db": "PACKETSTORM",
            "id": "170821"
          },
          {
            "db": "PACKETSTORM",
            "id": "170817"
          },
          {
            "db": "PACKETSTORM",
            "id": "159876"
          },
          {
            "db": "PACKETSTORM",
            "id": "159353"
          },
          {
            "db": "PACKETSTORM",
            "id": "152787"
          },
          {
            "db": "PACKETSTORM",
            "id": "156941"
          },
          {
            "db": "PACKETSTORM",
            "id": "156743"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-9251"
          }
        ]
      },
      "id": "VAR-201801-0036",
      "iot": {
        "_id": null,
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-87212"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2026-03-09T20:29:22.127000Z",
      "problemtype_data": {
        "_id": null,
        "data": [
          {
            "problemtype": "CWE-79",
            "trust": 1.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-87212"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-9251"
          }
        ]
      },
      "references": {
        "_id": null,
        "data": [
          {
            "trust": 1.3,
            "url": "https://github.com/jquery/jquery/issues/2432"
          },
          {
            "trust": 1.1,
            "url": "http://www.securityfocus.com/bid/105658"
          },
          {
            "trust": 1.1,
            "url": "https://seclists.org/bugtraq/2019/may/18"
          },
          {
            "trust": 1.1,
            "url": "https://kb.pulsesecure.net/articles/pulse_security_advisories/sa44601"
          },
          {
            "trust": 1.1,
            "url": "https://security.netapp.com/advisory/ntap-20210108-0004/"
          },
          {
            "trust": 1.1,
            "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"
          },
          {
            "trust": 1.1,
            "url": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html"
          },
          {
            "trust": 1.1,
            "url": "https://www.tenable.com/security/tns-2019-08"
          },
          {
            "trust": 1.1,
            "url": "http://seclists.org/fulldisclosure/2019/may/13"
          },
          {
            "trust": 1.1,
            "url": "http://seclists.org/fulldisclosure/2019/may/11"
          },
          {
            "trust": 1.1,
            "url": "http://seclists.org/fulldisclosure/2019/may/10"
          },
          {
            "trust": 1.1,
            "url": "http://packetstormsecurity.com/files/152787/dotcms-5.1.1-vulnerable-dependencies.html"
          },
          {
            "trust": 1.1,
            "url": "http://packetstormsecurity.com/files/153237/retirejs-cors-issue-script-execution.html"
          },
          {
            "trust": 1.1,
            "url": "http://packetstormsecurity.com/files/156743/octobercms-insecure-dependencies.html"
          },
          {
            "trust": 1.1,
            "url": "https://github.com/jquery/jquery/commit/f60729f3903d17917dc351f3ac87794de379b0cc"
          },
          {
            "trust": 1.1,
            "url": "https://github.com/jquery/jquery/pull/2588"
          },
          {
            "trust": 1.1,
            "url": "https://github.com/jquery/jquery/pull/2588/commits/c254d308a7d3f1eac4d0b42837804cfffcba4bb2"
          },
          {
            "trust": 1.1,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-18-212-04"
          },
          {
            "trust": 1.1,
            "url": "https://snyk.io/vuln/npm:jquery:20150627"
          },
          {
            "trust": 1.1,
            "url": "https://sw.aveva.com/hubfs/assets-2018/pdf/security-bulletin/securitybulletin_lfsec126.pdf"
          },
          {
            "trust": 1.1,
            "url": "https://www.oracle.com/security-alerts/cpuapr2020.html"
          },
          {
            "trust": 1.1,
            "url": "https://www.oracle.com/security-alerts/cpujan2020.html"
          },
          {
            "trust": 1.1,
            "url": "https://www.oracle.com/security-alerts/cpujul2020.html"
          },
          {
            "trust": 1.1,
            "url": "https://www.oracle.com/security-alerts/cpuoct2020.html"
          },
          {
            "trust": 1.1,
            "url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"
          },
          {
            "trust": 1.1,
            "url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html"
          },
          {
            "trust": 1.1,
            "url": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html"
          },
          {
            "trust": 1.1,
            "url": "https://access.redhat.com/errata/rhsa-2020:0481"
          },
          {
            "trust": 1.1,
            "url": "https://access.redhat.com/errata/rhsa-2020:0729"
          },
          {
            "trust": 1.1,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00041.html"
          },
          {
            "trust": 1.0,
            "url": "https://lists.apache.org/thread.html/10f0f3aefd51444d1198c65f44ffdf2d78ca3359423dbc1c168c9731%40%3cdev.flink.apache.org%3e"
          },
          {
            "trust": 1.0,
            "url": "https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3cissues.drill.apache.org%3e"
          },
          {
            "trust": 1.0,
            "url": "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3cdev.drill.apache.org%3e"
          },
          {
            "trust": 1.0,
            "url": "https://lists.apache.org/thread.html/52bafac05ad174000ea465fe275fd3cc7bd5c25535a7631c0bc9bfb2%40%3cuser.flink.apache.org%3e"
          },
          {
            "trust": 1.0,
            "url": "https://lists.apache.org/thread.html/17ff53f7999e74fbe3cc0ceb4e1c3b00b180b7c5afec8e978837bc49%40%3cuser.flink.apache.org%3e"
          },
          {
            "trust": 1.0,
            "url": "https://lists.apache.org/thread.html/ba79cf1658741e9f146e4c59b50aee56656ea95d841d358d006c18b6%40%3ccommits.roller.apache.org%3e"
          },
          {
            "trust": 1.0,
            "url": "https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3cdev.drill.apache.org%3e"
          },
          {
            "trust": 1.0,
            "url": "https://lists.apache.org/thread.html/54df3aeb4239b64b50b356f0ca6f986e3c4ca5b84c515dce077c7854%40%3cuser.flink.apache.org%3e"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-9251"
          },
          {
            "trust": 0.7,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-11358"
          },
          {
            "trust": 0.7,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2018-14040"
          },
          {
            "trust": 0.6,
            "url": "https://access.redhat.com/security/cve/cve-2015-9251"
          },
          {
            "trust": 0.6,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2018-14042"
          },
          {
            "trust": 0.6,
            "url": "https://access.redhat.com/security/team/contact/"
          },
          {
            "trust": 0.6,
            "url": "https://bugzilla.redhat.com/"
          },
          {
            "trust": 0.6,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-8331"
          },
          {
            "trust": 0.5,
            "url": "https://access.redhat.com/security/cve/cve-2018-14042"
          },
          {
            "trust": 0.5,
            "url": "https://access.redhat.com/security/cve/cve-2019-8331"
          },
          {
            "trust": 0.5,
            "url": "https://access.redhat.com/security/cve/cve-2018-14040"
          },
          {
            "trust": 0.5,
            "url": "https://access.redhat.com/articles/11258"
          },
          {
            "trust": 0.5,
            "url": "https://access.redhat.com/security/cve/cve-2019-11358"
          },
          {
            "trust": 0.5,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2020-11022"
          },
          {
            "trust": 0.5,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-10735"
          },
          {
            "trust": 0.5,
            "url": "https://access.redhat.com/security/cve/cve-2020-11022"
          },
          {
            "trust": 0.5,
            "url": "https://access.redhat.com/security/cve/cve-2016-10735"
          },
          {
            "trust": 0.4,
            "url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
          },
          {
            "trust": 0.4,
            "url": "https://access.redhat.com/security/team/key/"
          },
          {
            "trust": 0.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2018-14041"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2020-11023"
          },
          {
            "trust": 0.3,
            "url": "https://access.redhat.com/security/cve/cve-2020-11023"
          },
          {
            "trust": 0.3,
            "url": "https://access.redhat.com/security/updates/classification/#moderate"
          },
          {
            "trust": 0.3,
            "url": "https://access.redhat.com/security/updates/classification/#important"
          },
          {
            "trust": 0.2,
            "url": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.3_release_notes/"
          },
          {
            "trust": 0.2,
            "url": "https://access.redhat.com/security/cve/cve-2022-40150"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2022-3143"
          },
          {
            "trust": 0.2,
            "url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/"
          },
          {
            "trust": 0.2,
            "url": "https://access.redhat.com/security/cve/cve-2022-42003"
          },
          {
            "trust": 0.2,
            "url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/"
          },
          {
            "trust": 0.2,
            "url": "https://access.redhat.com/security/cve/cve-2022-42004"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2022-40150"
          },
          {
            "trust": 0.2,
            "url": "https://access.redhat.com/security/cve/cve-2022-45047"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-18214"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2022-40152"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2022-40149"
          },
          {
            "trust": 0.2,
            "url": "https://access.redhat.com/security/cve/cve-2022-40149"
          },
          {
            "trust": 0.2,
            "url": "https://access.redhat.com/security/cve/cve-2022-40152"
          },
          {
            "trust": 0.2,
            "url": "https://access.redhat.com/security/cve/cve-2018-14041"
          },
          {
            "trust": 0.2,
            "url": "https://access.redhat.com/security/cve/cve-2017-18214"
          },
          {
            "trust": 0.2,
            "url": "https://access.redhat.com/security/cve/cve-2022-45693"
          },
          {
            "trust": 0.2,
            "url": "https://access.redhat.com/security/cve/cve-2022-46364"
          },
          {
            "trust": 0.2,
            "url": "https://issues.jboss.org/"
          },
          {
            "trust": 0.2,
            "url": "https://access.redhat.com/security/cve/cve-2022-3143"
          },
          {
            "trust": 0.2,
            "url": "https://listman.redhat.com/mailman/listinfo/rhsa-announce"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2020-1722"
          },
          {
            "trust": 0.2,
            "url": "https://access.redhat.com/security/cve/cve-2018-20676"
          },
          {
            "trust": 0.2,
            "url": "https://access.redhat.com/security/cve/cve-2020-1722"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2018-20676"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2018-20677"
          },
          {
            "trust": 0.2,
            "url": "https://access.redhat.com/security/cve/cve-2018-20677"
          },
          {
            "trust": 0.2,
            "url": "https://github.com/twbs/bootstrap/issues/20184"
          },
          {
            "trust": 0.2,
            "url": "http://research.insecurelabs.org/jquery/test/"
          },
          {
            "trust": 0.2,
            "url": "http://blog.jquery.com/2016/01/08/jquery-2-2-and-1-12-released/"
          },
          {
            "trust": 0.2,
            "url": "https://bugs.jquery.com/ticket/11974"
          },
          {
            "trust": 0.2,
            "url": "https://github.com/jquery/jquery/commit/753d591aea698e57d6db58c9f722cd0808619b1b"
          },
          {
            "trust": 0.2,
            "url": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/"
          },
          {
            "trust": 0.2,
            "url": "https://github.com/twbs/bootstrap/issues/28236"
          },
          {
            "trust": 0.1,
            "url": "https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3cdev.drill.apache.org%3e"
          },
          {
            "trust": 0.1,
            "url": "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3cdev.drill.apache.org%3e"
          },
          {
            "trust": 0.1,
            "url": "https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3cissues.drill.apache.org%3e"
          },
          {
            "trust": 0.1,
            "url": "https://lists.apache.org/thread.html/10f0f3aefd51444d1198c65f44ffdf2d78ca3359423dbc1c168c9731@%3cdev.flink.apache.org%3e"
          },
          {
            "trust": 0.1,
            "url": "https://lists.apache.org/thread.html/54df3aeb4239b64b50b356f0ca6f986e3c4ca5b84c515dce077c7854@%3cuser.flink.apache.org%3e"
          },
          {
            "trust": 0.1,
            "url": "https://lists.apache.org/thread.html/17ff53f7999e74fbe3cc0ceb4e1c3b00b180b7c5afec8e978837bc49@%3cuser.flink.apache.org%3e"
          },
          {
            "trust": 0.1,
            "url": "https://lists.apache.org/thread.html/52bafac05ad174000ea465fe275fd3cc7bd5c25535a7631c0bc9bfb2@%3cuser.flink.apache.org%3e"
          },
          {
            "trust": 0.1,
            "url": "https://lists.apache.org/thread.html/ba79cf1658741e9f146e4c59b50aee56656ea95d841d358d006c18b6@%3ccommits.roller.apache.org%3e"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2020-1721"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2019-10146"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-10221"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2020-1721"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2020-15720"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2020-15720"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-10146"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2019-10179"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-10179"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2019-10221"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/errata/rhsa-2020:4847"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/errata/rhsa-2023:0552"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/errata/rhsa-2023:0556"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/jbossnetwork/restricted/listsoftware.html?downloadtype=securitypatches\u0026product=appplatform\u0026version=7.4"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/errata/rhsa-2020:4670"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/7.9_release_notes/index"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/errata/rhsa-2020:3936"
          },
          {
            "trust": 0.1,
            "url": "https://github.com/dojo/dojo/pull/307"
          },
          {
            "trust": 0.1,
            "url": "http://www.cvedetails.com/cve/cve-2008-7220/"
          },
          {
            "trust": 0.1,
            "url": "https://dojotoolkit.org/blog/dojo-1-14-released"
          },
          {
            "trust": 0.1,
            "url": "https://www.tinymce.com/docs/changelog/"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2008-7220"
          },
          {
            "trust": 0.1,
            "url": "http://secureli.com/dotcms-v5-1-1-vulnerable-open-source-dependencies/"
          },
          {
            "trust": 0.1,
            "url": "http://prototypejs.org/2008/01/25/prototype-1-6-0-2-bug-fixes-performance-improvements-and-security/"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-9513"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-9514"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-9517"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-10174"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2019-10184"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-14379"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-9515"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2018-11771"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-5427"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2019-9512"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2019-9514"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2019-12422"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2019-3888"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2019-9517"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2019-9515"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-5929"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-12422"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-14439"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2019-9516"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2019-9518"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-11272"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/documentation/en-us/red_hat_fuse/7.6/"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2019-17570"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-3888"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2019-9513"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-17570"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/jbossnetwork/restricted/listsoftware.html?downloadtype=distributions\u0026product=jboss.fuse\u0026version=7.6.0"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2017-5929"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2018-11771"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2019-14439"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-3802"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-12814"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-9512"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-10184"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-12384"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2018-15756"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2019-5427"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2018-15756"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2017-16012"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2019-10174"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2019-12384"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2019-11272"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-9516"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2019-3802"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2019-12814"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-9518"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-16012"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/errata/rhsa-2020:0983"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2019-14379"
          },
          {
            "trust": 0.1,
            "url": "https://retirejs.github.io/retire.js/),"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-87212"
          },
          {
            "db": "PACKETSTORM",
            "id": "159852"
          },
          {
            "db": "PACKETSTORM",
            "id": "170821"
          },
          {
            "db": "PACKETSTORM",
            "id": "170817"
          },
          {
            "db": "PACKETSTORM",
            "id": "159876"
          },
          {
            "db": "PACKETSTORM",
            "id": "159353"
          },
          {
            "db": "PACKETSTORM",
            "id": "152787"
          },
          {
            "db": "PACKETSTORM",
            "id": "156941"
          },
          {
            "db": "PACKETSTORM",
            "id": "156743"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-9251"
          }
        ]
      },
      "sources": {
        "_id": null,
        "data": [
          {
            "db": "VULHUB",
            "id": "VHN-87212",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "159852",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "170821",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "170817",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "159876",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "159353",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "152787",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "156941",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "156743",
            "ident": null
          },
          {
            "db": "NVD",
            "id": "CVE-2015-9251",
            "ident": null
          }
        ]
      },
      "sources_release_date": {
        "_id": null,
        "data": [
          {
            "date": "2018-01-18T00:00:00",
            "db": "VULHUB",
            "id": "VHN-87212",
            "ident": null
          },
          {
            "date": "2020-11-04T15:29:15",
            "db": "PACKETSTORM",
            "id": "159852",
            "ident": null
          },
          {
            "date": "2023-01-31T17:21:40",
            "db": "PACKETSTORM",
            "id": "170821",
            "ident": null
          },
          {
            "date": "2023-01-31T17:16:43",
            "db": "PACKETSTORM",
            "id": "170817",
            "ident": null
          },
          {
            "date": "2020-11-04T15:32:52",
            "db": "PACKETSTORM",
            "id": "159876",
            "ident": null
          },
          {
            "date": "2020-09-30T15:44:20",
            "db": "PACKETSTORM",
            "id": "159353",
            "ident": null
          },
          {
            "date": "2019-05-09T13:33:33",
            "db": "PACKETSTORM",
            "id": "152787",
            "ident": null
          },
          {
            "date": "2020-03-27T13:16:40",
            "db": "PACKETSTORM",
            "id": "156941",
            "ident": null
          },
          {
            "date": "2020-03-15T12:44:44",
            "db": "PACKETSTORM",
            "id": "156743",
            "ident": null
          },
          {
            "date": "2018-01-18T23:29:00.307000",
            "db": "NVD",
            "id": "CVE-2015-9251",
            "ident": null
          }
        ]
      },
      "sources_update_date": {
        "_id": null,
        "data": [
          {
            "date": "2021-01-08T00:00:00",
            "db": "VULHUB",
            "id": "VHN-87212",
            "ident": null
          },
          {
            "date": "2024-11-21T02:40:09.093000",
            "db": "NVD",
            "id": "CVE-2015-9251",
            "ident": null
          }
        ]
      },
      "title": {
        "_id": null,
        "data": "Red Hat Security Advisory 2020-4847-01",
        "sources": [
          {
            "db": "PACKETSTORM",
            "id": "159852"
          }
        ],
        "trust": 0.1
      },
      "type": {
        "_id": null,
        "data": "code execution, xss, memory leak",
        "sources": [
          {
            "db": "PACKETSTORM",
            "id": "159852"
          },
          {
            "db": "PACKETSTORM",
            "id": "159876"
          },
          {
            "db": "PACKETSTORM",
            "id": "159353"
          }
        ],
        "trust": 0.3
      }
    }

    VAR-202009-0219

    Vulnerability from variot - Updated: 2025-12-19 22:48

    A SQL injection vulnerability exists in the CHaD.asmx web service functionality of eDNA Enterprise Data Historian 3.0.1.2/7.5.4989.33053. Specially crafted SOAP web requests can cause SQL injections resulting in data compromise. The ClassName parameter in CHaD.asmx is vulnerable to unauthenticated SQL injection attacks. AVEVA eDNA Enterprise Data Historian is real-time historical data management software from AVEVA in the UK. The software can collect, store, process, and display asset-related information to provide better information for decision-making. The vulnerability stems from the lack of validation of externally supplied SQL statements in database-based applications. An attacker can exploit this vulnerability to execute illegal SQL commands. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database.


    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202009-0219",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "edna enterprise data historian",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "aveva",
            "version": "3.0.1.2\\/7.5.4989.33053"
          },
          {
            "model": "edna enterprise data historian",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "aveva",
            "version": "3.0.1.2/7.5.4989.33053"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24160"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-13500"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Discovered by Yuri Kramarz of Cisco Talos.",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202009-669"
          }
        ],
        "trust": 0.6
      },
      "cve": "CVE-2020-13500",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CVE-2020-13500",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 1.1,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2025-24160",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "id": "CVE-2020-13500",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "talos-cna@cisco.com",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "id": "CVE-2020-13500",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2020-13500",
                "trust": 1.0,
                "value": "CRITICAL"
              },
              {
                "author": "talos-cna@cisco.com",
                "id": "CVE-2020-13500",
                "trust": 1.0,
                "value": "CRITICAL"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2025-24160",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202009-669",
                "trust": 0.6,
                "value": "CRITICAL"
              },
              {
                "author": "VULMON",
                "id": "CVE-2020-13500",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24160"
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-13500"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202009-669"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-13500"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-13500"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "SQL injection vulnerability exists in the CHaD.asmx web service functionality of eDNA Enterprise Data Historian 3.0.1.2/7.5.4989.33053. Specially crafted SOAP web requests can cause SQL injections resulting in data compromise. Parameter ClassName in CHaD.asmx is vulnerable to unauthenticated SQL injection attacks. Aveva eDNA Enterprise Data Historian is a real-time historical data management software from AVEVA (Aveva) in the UK. The software can collect, store, process, and display asset-related information to provide better information for decision-making. The vulnerability stems from the lack of validation of externally input SQL statements in database-based applications. An attacker can exploit this vulnerability to execute illegal SQL commands. A remote attacker could send specially-crafted SQL statements, which could allow the malicious user to view, add, modify or delete information in the back-end database",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2020-13500"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2025-24160"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202009-669"
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-13500"
          }
        ],
        "trust": 2.07
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2020-13500",
            "trust": 2.3
          },
          {
            "db": "TALOS",
            "id": "TALOS-2020-1106",
            "trust": 1.7
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-20-254-01",
            "trust": 1.7
          },
          {
            "db": "CNVD",
            "id": "CNVD-2025-24160",
            "trust": 0.6
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2020.3141",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202009-669",
            "trust": 0.6
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-13500",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24160"
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-13500"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202009-669"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-13500"
          }
        ]
      },
      "id": "VAR-202009-0219",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24160"
          }
        ],
        "trust": 0.06
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "ICS"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24160"
          }
        ]
      },
      "last_update_date": "2025-12-19T22:48:37.875000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Patch for AVEVA eDNA Enterprise Data Historian SQL Injection Vulnerability (CNVD-2025-24160)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/743386"
          },
          {
            "title": "AVEVA Web sql Repair measures for injecting vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=128113"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24160"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202009-669"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-89",
            "trust": 1.0
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2020-13500"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.3,
            "url": "https://talosintelligence.com/vulnerability_reports/talos-2020-1106"
          },
          {
            "trust": 1.7,
            "url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-254-01"
          },
          {
            "trust": 1.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2020-13500"
          },
          {
            "trust": 0.6,
            "url": "https://www.auscert.org.au/bulletins/esb-2020.3141/"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/89.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          },
          {
            "trust": 0.1,
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/188128"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24160"
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-13500"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202009-669"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-13500"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24160"
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-13500"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202009-669"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-13500"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2025-10-17T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2025-24160"
          },
          {
            "date": "2020-09-24T00:00:00",
            "db": "VULMON",
            "id": "CVE-2020-13500"
          },
          {
            "date": "2020-09-10T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202009-669"
          },
          {
            "date": "2020-09-24T15:15:13.377000",
            "db": "NVD",
            "id": "CVE-2020-13500"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2025-10-17T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2025-24160"
          },
          {
            "date": "2020-09-30T00:00:00",
            "db": "VULMON",
            "id": "CVE-2020-13500"
          },
          {
            "date": "2022-03-08T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202009-669"
          },
          {
            "date": "2024-11-21T05:01:23.213000",
            "db": "NVD",
            "id": "CVE-2020-13500"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202009-669"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "AVEVA eDNA Enterprise Data Historian SQL Injection Vulnerability (CNVD-2025-24160)",
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24160"
          }
        ],
        "trust": 0.6
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "SQL injection",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202009-669"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201409-0722

    Vulnerability from variot - Updated: 2025-11-19 23:15

    Multiple cross-site scripting (XSS) vulnerabilities in Schneider Electric StruxureWare SCADA Expert ClearSCADA 2010 R3 through 2014 R1 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. ClearSCADA is an integrated SCADA host platform that includes a rotation training engine, real-time database, web server, alarm processor and reporting software. A cross-site scripting vulnerability exists in the ClearSCADA web interface: an attacker can construct a malicious URI and, by inducing a user to open (resolve) it, perform system management operations. SCADA Expert ClearSCADA is prone to a cross-site scripting vulnerability. Schneider Electric StruxureWare SCADA Expert ClearSCADA is an energy-efficiency management and monitoring software platform from the French company Schneider Electric. The platform is primarily used for remote management of critical infrastructure.


    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201409-0722",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": null,
            "scope": "eq",
            "trust": 2.0,
            "vendor": "clearscada",
            "version": "2013"
          },
          {
            "model": "scada expert clearscada",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "schneider electric",
            "version": "2014"
          },
          {
            "model": "scada expert clearscada",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "schneider electric",
            "version": "2013"
          },
          {
            "model": "clearscada",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "aveva",
            "version": "2013"
          },
          {
            "model": "clearscada",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "aveva",
            "version": "2010"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.8,
            "vendor": "clearscada",
            "version": "2010"
          },
          {
            "model": "clearscada",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "schneider electric",
            "version": "2010 r3 (build 72.4560)"
          },
          {
            "model": "clearscada",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "schneider electric",
            "version": "2010 r3.1 (build 72.4644)"
          },
          {
            "model": "scada expert clearscada",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "schneider electric",
            "version": "2013 r1 (build 73.4729)"
          },
          {
            "model": "scada expert clearscada",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "schneider electric",
            "version": "2013 r1.1 (build 73.4832)"
          },
          {
            "model": "scada expert clearscada",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "schneider electric",
            "version": "2013 r1.1a (build 73.4903)"
          },
          {
            "model": "scada expert clearscada",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "schneider electric",
            "version": "2013 r1.2 (build 73.4955)"
          },
          {
            "model": "scada expert clearscada",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "schneider electric",
            "version": "2013 r2 (build 74.5094)"
          },
          {
            "model": "scada expert clearscada",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "schneider electric",
            "version": "2013 r2.1 (build 74.5192)"
          },
          {
            "model": "scada expert clearscada",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "schneider electric",
            "version": "2014 r1 (build 75.5210)"
          },
          {
            "model": "electric clearscada r3 (build",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "schneider",
            "version": "201072.4560)"
          },
          {
            "model": "electric clearscada r3.1 (build",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "schneider",
            "version": "201072.4644)"
          },
          {
            "model": "electric scada expert clearscada r1 (build",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "schneider",
            "version": "201373.4729)"
          },
          {
            "model": "electric scada expert clearscada r1.1 (build",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "schneider",
            "version": "201373.4832)"
          },
          {
            "model": "electric scada expert clearscada r1.1a (build",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "schneider",
            "version": "201373.4903)"
          },
          {
            "model": "electric scada expert clearscada r1.2 (build",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "schneider",
            "version": "201373.4955)"
          },
          {
            "model": "electric scada expert clearscada r2 (build",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "schneider",
            "version": "201374.5094)"
          },
          {
            "model": "electric scada expert clearscada r2.1 (build",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "schneider",
            "version": "201374.5192)"
          },
          {
            "model": "electric scada expert clearscada r1 (build",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "schneider",
            "version": "201475.5210)"
          },
          {
            "model": "clearscada",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "schneider electric",
            "version": "2010"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.4,
            "vendor": "scada expert clearscada",
            "version": "2013"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.4,
            "vendor": "scada expert clearscada",
            "version": "2014"
          },
          {
            "model": "scada expert clearscada r1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "schneider electric",
            "version": "2014"
          },
          {
            "model": "scada expert clearscada r2.1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "schneider electric",
            "version": "2013"
          },
          {
            "model": "scada expert clearscada r2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "schneider electric",
            "version": "2013"
          },
          {
            "model": "scada expert clearscada r1.2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "schneider electric",
            "version": "2013"
          },
          {
            "model": "scada expert clearscada r1.1a",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "schneider electric",
            "version": "2013"
          },
          {
            "model": "scada expert clearscada r1.1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "schneider electric",
            "version": "2013"
          },
          {
            "model": "scada expert clearscada r1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "schneider electric",
            "version": "2013"
          },
          {
            "model": "clearscada r3.1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "schneider electric",
            "version": "2010"
          },
          {
            "model": "clearscada r3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "schneider electric",
            "version": "2010"
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "770608ec-1eb9-11e6-abef-000c29c66e3d"
          },
          {
            "db": "IVD",
            "id": "dcdeebb0-2351-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2014-06196"
          },
          {
            "db": "BID",
            "id": "80073"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201409-656"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-004282"
          },
          {
            "db": "NVD",
            "id": "CVE-2014-5411"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/a:schneider_electric:clearscada",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:schneider_electric:scada_expert_clearscada",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-004282"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Unknown",
        "sources": [
          {
            "db": "BID",
            "id": "80073"
          }
        ],
        "trust": 0.3
      },
      "cve": "CVE-2014-5411",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 3.5,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 6.8,
                "id": "CVE-2014-5411",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "LOW",
                "trust": 1.8,
                "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "HIGH",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "ics-cert@hq.dhs.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 4.9,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 3.9,
                "id": "CVE-2014-5411",
                "impactScore": 6.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 1.0,
                "vectorString": "AV:N/AC:H/Au:S/C:N/I:N/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "CNVD",
                "availabilityImpact": "NONE",
                "baseScore": 3.5,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 6.8,
                "id": "CNVD-2014-06196",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "LOW",
                "trust": 0.6,
                "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "IVD",
                "availabilityImpact": "NONE",
                "baseScore": 3.5,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 6.8,
                "id": "770608ec-1eb9-11e6-abef-000c29c66e3d",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "LOW",
                "trust": 0.2,
                "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
                "version": "2.9 [IVD]"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "IVD",
                "availabilityImpact": "NONE",
                "baseScore": 3.5,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 6.8,
                "id": "dcdeebb0-2351-11e6-abef-000c29c66e3d",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "LOW",
                "trust": 0.2,
                "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
                "version": "2.9 [IVD]"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "VULHUB",
                "availabilityImpact": "NONE",
                "baseScore": 3.5,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 6.8,
                "id": "VHN-73352",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "LOW",
                "trust": 0.1,
                "vectorString": "AV:N/AC:M/AU:S/C:N/I:P/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "ics-cert@hq.dhs.gov",
                "id": "CVE-2014-5411",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2014-5411",
                "trust": 1.0,
                "value": "LOW"
              },
              {
                "author": "NVD",
                "id": "CVE-2014-5411",
                "trust": 0.8,
                "value": "Low"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2014-06196",
                "trust": 0.6,
                "value": "LOW"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201409-656",
                "trust": 0.6,
                "value": "LOW"
              },
              {
                "author": "IVD",
                "id": "770608ec-1eb9-11e6-abef-000c29c66e3d",
                "trust": 0.2,
                "value": "LOW"
              },
              {
                "author": "IVD",
                "id": "dcdeebb0-2351-11e6-abef-000c29c66e3d",
                "trust": 0.2,
                "value": "LOW"
              },
              {
                "author": "VULHUB",
                "id": "VHN-73352",
                "trust": 0.1,
                "value": "LOW"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "770608ec-1eb9-11e6-abef-000c29c66e3d"
          },
          {
            "db": "IVD",
            "id": "dcdeebb0-2351-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2014-06196"
          },
          {
            "db": "VULHUB",
            "id": "VHN-73352"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201409-656"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-004282"
          },
          {
            "db": "NVD",
            "id": "CVE-2014-5411"
          },
          {
            "db": "NVD",
            "id": "CVE-2014-5411"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Multiple cross-site scripting (XSS) vulnerabilities in Schneider Electric StruxureWare SCADA Expert ClearSCADA 2010 R3 through 2014 R1 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. ClearSCADA is an integrated SCADA host platform that includes a rotation training engine, real-time database, web server, alarm processor and reporting software. A cross-site scripting vulnerability exists in the ClearSCADA WEB interface that allows an attacker to exploit a vulnerability to construct a malicious URI, to induce user resolution, and to perform system management operations. Scada Expert Clearscada is prone to a cross-site scripting vulnerability. Schneider Electric StruxureWare SCADA Expert ClearSCADA is a set of energy efficiency management software monitoring platform of French Schneider Electric (Schneider Electric). The platform is primarily used for remote management of critical infrastructure",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2014-5411"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-004282"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2014-06196"
          },
          {
            "db": "BID",
            "id": "80073"
          },
          {
            "db": "IVD",
            "id": "770608ec-1eb9-11e6-abef-000c29c66e3d"
          },
          {
            "db": "IVD",
            "id": "dcdeebb0-2351-11e6-abef-000c29c66e3d"
          },
          {
            "db": "VULHUB",
            "id": "VHN-73352"
          }
        ],
        "trust": 2.88
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2014-5411",
            "trust": 3.8
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-14-259-01",
            "trust": 3.4
          },
          {
            "db": "CNVD",
            "id": "CNVD-2014-06196",
            "trust": 1.0
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201409-656",
            "trust": 1.0
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-14-259-01A",
            "trust": 1.0
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-004282",
            "trust": 0.8
          },
          {
            "db": "OSVDB",
            "id": "111238",
            "trust": 0.6
          },
          {
            "db": "BID",
            "id": "80073",
            "trust": 0.4
          },
          {
            "db": "IVD",
            "id": "770608EC-1EB9-11E6-ABEF-000C29C66E3D",
            "trust": 0.2
          },
          {
            "db": "IVD",
            "id": "DCDEEBB0-2351-11E6-ABEF-000C29C66E3D",
            "trust": 0.2
          },
          {
            "db": "VULHUB",
            "id": "VHN-73352",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "770608ec-1eb9-11e6-abef-000c29c66e3d"
          },
          {
            "db": "IVD",
            "id": "dcdeebb0-2351-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2014-06196"
          },
          {
            "db": "VULHUB",
            "id": "VHN-73352"
          },
          {
            "db": "BID",
            "id": "80073"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201409-656"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-004282"
          },
          {
            "db": "NVD",
            "id": "CVE-2014-5411"
          }
        ]
      },
      "id": "VAR-201409-0722",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "IVD",
            "id": "770608ec-1eb9-11e6-abef-000c29c66e3d"
          },
          {
            "db": "IVD",
            "id": "dcdeebb0-2351-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2014-06196"
          },
          {
            "db": "VULHUB",
            "id": "VHN-73352"
          }
        ],
        "trust": 2.0027777833333333
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "ICS"
            ],
            "sub_category": null,
            "trust": 1.0
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "770608ec-1eb9-11e6-abef-000c29c66e3d"
          },
          {
            "db": "IVD",
            "id": "dcdeebb0-2351-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2014-06196"
          }
        ]
      },
      "last_update_date": "2025-11-19T23:15:03.200000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "StruxureWare SCADA Expert ClearSCADA",
            "trust": 0.8,
            "url": "http://www.schneider-electric.com/products/ww/en/5100-software/5135-operating-monitoring/61264-struxureware-scada-expert-clearscada/?xtmc=ClearSCADA\u0026xtcr=1"
          },
          {
            "title": "Patch for Schneider Electric ClearSCADA Cross-Site Scripting Vulnerability",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/50244"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2014-06196"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-004282"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-79",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-73352"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-004282"
          },
          {
            "db": "NVD",
            "id": "CVE-2014-5411"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 3.4,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-14-259-01"
          },
          {
            "trust": 1.4,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-5411"
          },
          {
            "trust": 1.0,
            "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-14-259-01a"
          },
          {
            "trust": 1.0,
            "url": "https://github.com/cisagov/csaf/blob/develop/csaf_files/ot/white/2014/icsa-14-259-01a.json"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-5411"
          },
          {
            "trust": 0.6,
            "url": "http://osvdb.com/show/osvdb/111238"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2014-06196"
          },
          {
            "db": "VULHUB",
            "id": "VHN-73352"
          },
          {
            "db": "BID",
            "id": "80073"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201409-656"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-004282"
          },
          {
            "db": "NVD",
            "id": "CVE-2014-5411"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "IVD",
            "id": "770608ec-1eb9-11e6-abef-000c29c66e3d"
          },
          {
            "db": "IVD",
            "id": "dcdeebb0-2351-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2014-06196"
          },
          {
            "db": "VULHUB",
            "id": "VHN-73352"
          },
          {
            "db": "BID",
            "id": "80073"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201409-656"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-004282"
          },
          {
            "db": "NVD",
            "id": "CVE-2014-5411"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2014-09-23T00:00:00",
            "db": "IVD",
            "id": "770608ec-1eb9-11e6-abef-000c29c66e3d"
          },
          {
            "date": "2014-09-23T00:00:00",
            "db": "IVD",
            "id": "dcdeebb0-2351-11e6-abef-000c29c66e3d"
          },
          {
            "date": "2014-09-23T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2014-06196"
          },
          {
            "date": "2014-09-18T00:00:00",
            "db": "VULHUB",
            "id": "VHN-73352"
          },
          {
            "date": "2014-09-18T00:00:00",
            "db": "BID",
            "id": "80073"
          },
          {
            "date": "2014-09-19T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201409-656"
          },
          {
            "date": "2014-09-19T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2014-004282"
          },
          {
            "date": "2014-09-18T10:55:11.640000",
            "db": "NVD",
            "id": "CVE-2014-5411"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2014-09-23T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2014-06196"
          },
          {
            "date": "2018-12-31T00:00:00",
            "db": "VULHUB",
            "id": "VHN-73352"
          },
          {
            "date": "2014-09-18T00:00:00",
            "db": "BID",
            "id": "80073"
          },
          {
            "date": "2014-09-19T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201409-656"
          },
          {
            "date": "2014-09-19T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2014-004282"
          },
          {
            "date": "2025-11-04T23:15:33.223000",
            "db": "NVD",
            "id": "CVE-2014-5411"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201409-656"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Schneider Electric ClearSCADA Cross-Site Scripting Vulnerability",
        "sources": [
          {
            "db": "IVD",
            "id": "770608ec-1eb9-11e6-abef-000c29c66e3d"
          },
          {
            "db": "IVD",
            "id": "dcdeebb0-2351-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2014-06196"
          }
        ],
        "trust": 1.0
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "XSS",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201409-656"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201409-0724

    Vulnerability from variot - Updated: 2025-11-19 23:15

    Schneider Electric StruxureWare SCADA Expert ClearSCADA 2010 R3 through 2014 R1 uses the MD5 algorithm for an X.509 certificate, which makes it easier for remote attackers to spoof servers via a cryptographic attack against this algorithm. ClearSCADA is an integrated SCADA host platform. Schneider Electric ClearSCADA has an unspecified remote vulnerability that allows an attacker to obtain sensitive information. Information obtained may lead to further attacks. Schneider Electric StruxureWare SCADA Expert ClearSCADA is an energy-efficiency management and monitoring software platform from the French company Schneider Electric. The platform is primarily used for remote management of critical infrastructure. There is a cryptographic issue (CWE-310) in Schneider Electric StruxureWare SCADA Expert ClearSCADA 2010 R3 to 2014 R1. (This summary concatenates the descriptions of the sources listed in the record below, so its impact statements are not uniform; the per-source CVSS vectors in the record differ in the same way.)


    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201409-0724",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "scada expert clearscada",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "schneider electric",
            "version": "2014"
          },
          {
            "model": "scada expert clearscada",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "schneider electric",
            "version": "2013"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 1.0,
            "vendor": "clearscada",
            "version": "2013"
          },
          {
            "model": "clearscada",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "aveva",
            "version": "2013"
          },
          {
            "model": "clearscada",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "aveva",
            "version": "2010"
          },
          {
            "model": "clearscada",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "schneider electric",
            "version": "2010 r3 (build 72.4560)"
          },
          {
            "model": "clearscada",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "schneider electric",
            "version": "2010 r3.1 (build 72.4644)"
          },
          {
            "model": "scada expert clearscada",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "schneider electric",
            "version": "2013 r1 (build 73.4729)"
          },
          {
            "model": "scada expert clearscada",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "schneider electric",
            "version": "2013 r1.1 (build 73.4832)"
          },
          {
            "model": "scada expert clearscada",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "schneider electric",
            "version": "2013 r1.1a (build 73.4903)"
          },
          {
            "model": "scada expert clearscada",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "schneider electric",
            "version": "2013 r1.2 (build 73.4955)"
          },
          {
            "model": "scada expert clearscada",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "schneider electric",
            "version": "2013 r2 (build 74.5094)"
          },
          {
            "model": "scada expert clearscada",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "schneider electric",
            "version": "2013 r2.1 (build 74.5192)"
          },
          {
            "model": "scada expert clearscada",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "schneider electric",
            "version": "2014 r1 (build 75.5210)"
          },
          {
            "model": "electric clearscada r3-2014 r1",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "schneider",
            "version": "2010"
          },
          {
            "model": "clearscada",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "schneider electric",
            "version": "2010"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.4,
            "vendor": "clearscada",
            "version": "2010"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "scada expert clearscada",
            "version": "2013"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "scada expert clearscada",
            "version": "2014"
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "dcfe0734-2351-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2014-06121"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201409-658"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-004284"
          },
          {
            "db": "NVD",
            "id": "CVE-2014-5413"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/a:schneider_electric:clearscada",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:schneider_electric:scada_expert_clearscada",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-004284"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Aditya Sood",
        "sources": [
          {
            "db": "BID",
            "id": "69842"
          }
        ],
        "trust": 0.3
      },
      "cve": "CVE-2014-5413",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "ics-cert@hq.dhs.gov",
                "availabilityImpact": "NONE",
                "baseScore": 6.4,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CVE-2014-5413",
                "impactScore": 4.9,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.0,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 5.0,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "id": "CVE-2014-5413",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.0,
                "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 5.0,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "CVE-2014-5413",
                "impactScore": null,
                "integrityImpact": "None",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "NONE",
                "baseScore": 5.0,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2014-06121",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "IVD",
                "availabilityImpact": "NONE",
                "baseScore": 5.0,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "id": "dcfe0734-2351-11e6-abef-000c29c66e3d",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.2,
                "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
                "version": "2.9 [IVD]"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "NONE",
                "baseScore": 5.0,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "id": "VHN-73354",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:N/I:P/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "ics-cert@hq.dhs.gov",
                "id": "CVE-2014-5413",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2014-5413",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "CVE-2014-5413",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2014-06121",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201409-658",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "IVD",
                "id": "dcfe0734-2351-11e6-abef-000c29c66e3d",
                "trust": 0.2,
                "value": "MEDIUM"
              },
              {
                "author": "VULHUB",
                "id": "VHN-73354",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "dcfe0734-2351-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2014-06121"
          },
          {
            "db": "VULHUB",
            "id": "VHN-73354"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201409-658"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-004284"
          },
          {
            "db": "NVD",
            "id": "CVE-2014-5413"
          },
          {
            "db": "NVD",
            "id": "CVE-2014-5413"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Schneider Electric StruxureWare SCADA Expert ClearSCADA 2010 R3 through 2014 R1 uses the MD5 algorithm for an X.509 certificate, which makes it easier for remote attackers to spoof servers via a cryptographic attack against this algorithm. ClearSCADA is an integrated SCADA host platform. Schneider Electric ClearSCADA has a remote unknown vulnerability that allows an attacker to exploit the vulnerability to obtain sensitive information. Information obtained may lead to further attacks. Schneider Electric StruxureWare SCADA Expert ClearSCADA is a set of energy efficiency management software monitoring platform of French Schneider Electric (Schneider Electric). The platform is primarily used for remote management of critical infrastructure. There is an encryption issue vulnerability in Schneider Electric StruxureWare SCADA Expert ClearSCADA 2010 R3 to 2014 R1",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2014-5413"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-004284"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2014-06121"
          },
          {
            "db": "BID",
            "id": "69842"
          },
          {
            "db": "IVD",
            "id": "dcfe0734-2351-11e6-abef-000c29c66e3d"
          },
          {
            "db": "VULHUB",
            "id": "VHN-73354"
          }
        ],
        "trust": 2.7
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2014-5413",
            "trust": 3.6
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-14-259-01",
            "trust": 2.5
          },
          {
            "db": "BID",
            "id": "69842",
            "trust": 1.0
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-14-259-01A",
            "trust": 1.0
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201409-658",
            "trust": 0.9
          },
          {
            "db": "CNVD",
            "id": "CNVD-2014-06121",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-004284",
            "trust": 0.8
          },
          {
            "db": "IVD",
            "id": "DCFE0734-2351-11E6-ABEF-000C29C66E3D",
            "trust": 0.2
          },
          {
            "db": "VULHUB",
            "id": "VHN-73354",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "dcfe0734-2351-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2014-06121"
          },
          {
            "db": "VULHUB",
            "id": "VHN-73354"
          },
          {
            "db": "BID",
            "id": "69842"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201409-658"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-004284"
          },
          {
            "db": "NVD",
            "id": "CVE-2014-5413"
          }
        ]
      },
      "id": "VAR-201409-0724",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "IVD",
            "id": "dcfe0734-2351-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2014-06121"
          },
          {
            "db": "VULHUB",
            "id": "VHN-73354"
          }
        ],
        "trust": 1.9
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "ICS"
            ],
            "sub_category": null,
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "dcfe0734-2351-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2014-06121"
          }
        ]
      },
      "last_update_date": "2025-11-19T23:15:03.156000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "StruxureWare SCADA Expert ClearSCADA",
            "trust": 0.8,
            "url": "http://www.schneider-electric.com/products/ww/en/5100-software/5135-operating-monitoring/61264-struxureware-scada-expert-clearscada/?xtmc=ClearSCADA\u0026xtcr=1"
          },
          {
            "title": "Schneider Electric ClearSCADA has patches for remote unknown vulnerabilities",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/50145"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2014-06121"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-004284"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-310",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-73354"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-004284"
          },
          {
            "db": "NVD",
            "id": "CVE-2014-5413"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.5,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-14-259-01"
          },
          {
            "trust": 1.0,
            "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-14-259-01a"
          },
          {
            "trust": 1.0,
            "url": "https://github.com/cisagov/csaf/blob/develop/csaf_files/ot/white/2014/icsa-14-259-01a.json"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-5413"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-5413"
          },
          {
            "trust": 0.6,
            "url": "http://www.securityfocus.com/bid/69842/"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2014-06121"
          },
          {
            "db": "VULHUB",
            "id": "VHN-73354"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201409-658"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-004284"
          },
          {
            "db": "NVD",
            "id": "CVE-2014-5413"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "IVD",
            "id": "dcfe0734-2351-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2014-06121"
          },
          {
            "db": "VULHUB",
            "id": "VHN-73354"
          },
          {
            "db": "BID",
            "id": "69842"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201409-658"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-004284"
          },
          {
            "db": "NVD",
            "id": "CVE-2014-5413"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2014-09-22T00:00:00",
            "db": "IVD",
            "id": "dcfe0734-2351-11e6-abef-000c29c66e3d"
          },
          {
            "date": "2014-09-22T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2014-06121"
          },
          {
            "date": "2014-09-18T00:00:00",
            "db": "VULHUB",
            "id": "VHN-73354"
          },
          {
            "date": "2014-09-16T00:00:00",
            "db": "BID",
            "id": "69842"
          },
          {
            "date": "2014-09-22T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201409-658"
          },
          {
            "date": "2014-09-19T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2014-004284"
          },
          {
            "date": "2014-09-18T10:55:11.733000",
            "db": "NVD",
            "id": "CVE-2014-5413"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2014-09-22T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2014-06121"
          },
          {
            "date": "2018-12-31T00:00:00",
            "db": "VULHUB",
            "id": "VHN-73354"
          },
          {
            "date": "2014-10-08T07:00:00",
            "db": "BID",
            "id": "69842"
          },
          {
            "date": "2014-09-22T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201409-658"
          },
          {
            "date": "2014-09-19T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2014-004284"
          },
          {
            "date": "2025-11-04T23:15:33.543000",
            "db": "NVD",
            "id": "CVE-2014-5413"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201409-658"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Schneider Electric StruxureWare SCADA Expert ClearSCADA Vulnerable to server impersonation",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-004284"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "encryption problem",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201409-658"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201409-0723

    Vulnerability from variot - Updated: 2025-11-18 15:15

    Schneider Electric StruxureWare SCADA Expert ClearSCADA 2010 R3 through 2014 R1 allows remote attackers to read database records by leveraging access to the guest account. ClearSCADA is an integrated SCADA host platform. Schneider Electric ClearSCADA has a remote security bypass vulnerability that allows an attacker to bypass security restrictions and perform unauthorized operations. Schneider Electric ClearSCADA is prone to a remote security-bypass vulnerability. The platform is primarily used for remote management of critical infrastructure.


    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201409-0723",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "scada expert clearscada",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "schneider electric",
            "version": "2014"
          },
          {
            "model": "scada expert clearscada",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "schneider electric",
            "version": "2013"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 1.0,
            "vendor": "clearscada",
            "version": "2013"
          },
          {
            "model": "clearscada",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "aveva",
            "version": "2013"
          },
          {
            "model": "clearscada",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "aveva",
            "version": "2010"
          },
          {
            "model": "clearscada",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "schneider electric",
            "version": "2010 r3 (build 72.4560)"
          },
          {
            "model": "clearscada",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "schneider electric",
            "version": "2010 r3.1 (build 72.4644)"
          },
          {
            "model": "scada expert clearscada",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "schneider electric",
            "version": "2013 r1 (build 73.4729)"
          },
          {
            "model": "scada expert clearscada",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "schneider electric",
            "version": "2013 r1.1 (build 73.4832)"
          },
          {
            "model": "scada expert clearscada",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "schneider electric",
            "version": "2013 r1.1a (build 73.4903)"
          },
          {
            "model": "scada expert clearscada",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "schneider electric",
            "version": "2013 r1.2 (build 73.4955)"
          },
          {
            "model": "scada expert clearscada",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "schneider electric",
            "version": "2013 r2 (build 74.5094)"
          },
          {
            "model": "scada expert clearscada",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "schneider electric",
            "version": "2013 r2.1 (build 74.5192)"
          },
          {
            "model": "scada expert clearscada",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "schneider electric",
            "version": "2014 r1 (build 75.5210)"
          },
          {
            "model": "electric clearscada",
            "scope": null,
            "trust": 0.6,
            "vendor": "schneider",
            "version": null
          },
          {
            "model": "clearscada",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "schneider electric",
            "version": "2010"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.4,
            "vendor": "clearscada",
            "version": "2010"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "scada expert clearscada",
            "version": "2013"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "scada expert clearscada",
            "version": "2014"
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "dcf002d8-2351-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2014-06087"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201409-657"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-004283"
          },
          {
            "db": "NVD",
            "id": "CVE-2014-5412"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/a:schneider_electric:clearscada",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:schneider_electric:scada_expert_clearscada",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-004283"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "CERT",
        "sources": [
          {
            "db": "BID",
            "id": "69840"
          }
        ],
        "trust": 0.3
      },
      "cve": "CVE-2014-5412",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 5.0,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CVE-2014-5412",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 1.8,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "ics-cert@hq.dhs.gov",
                "availabilityImpact": "NONE",
                "baseScore": 6.4,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CVE-2014-5412",
                "impactScore": 4.9,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.0,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "NONE",
                "baseScore": 5.0,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2014-06087",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "IVD",
                "availabilityImpact": "NONE",
                "baseScore": 5.0,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "dcf002d8-2351-11e6-abef-000c29c66e3d",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.2,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
                "version": "2.9 [IVD]"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "NONE",
                "baseScore": 5.0,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "VHN-73353",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "ics-cert@hq.dhs.gov",
                "id": "CVE-2014-5412",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2014-5412",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "CVE-2014-5412",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2014-06087",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201409-657",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "IVD",
                "id": "dcf002d8-2351-11e6-abef-000c29c66e3d",
                "trust": 0.2,
                "value": "MEDIUM"
              },
              {
                "author": "VULHUB",
                "id": "VHN-73353",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "dcf002d8-2351-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2014-06087"
          },
          {
            "db": "VULHUB",
            "id": "VHN-73353"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201409-657"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-004283"
          },
          {
            "db": "NVD",
            "id": "CVE-2014-5412"
          },
          {
            "db": "NVD",
            "id": "CVE-2014-5412"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Schneider Electric StruxureWare SCADA Expert ClearSCADA 2010 R3 through 2014 R1 allows remote attackers to read database records by leveraging access to the guest account. ClearSCADA is an integrated SCADA host platform. Schneider Electric ClearSCADA has a remote security bypass vulnerability that allows an attacker to exploit this vulnerability to bypass security restrictions and perform unauthorized operations. Schneider Electric ClearSCADA is prone to a remote security-bypass vulnerability. The platform is primarily used for remote management of critical infrastructure",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2014-5412"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-004283"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2014-06087"
          },
          {
            "db": "BID",
            "id": "69840"
          },
          {
            "db": "IVD",
            "id": "dcf002d8-2351-11e6-abef-000c29c66e3d"
          },
          {
            "db": "VULHUB",
            "id": "VHN-73353"
          }
        ],
        "trust": 2.7
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2014-5412",
            "trust": 3.6
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-14-259-01",
            "trust": 2.8
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-14-259-01A",
            "trust": 1.3
          },
          {
            "db": "BID",
            "id": "69840",
            "trust": 1.0
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201409-657",
            "trust": 0.9
          },
          {
            "db": "CNVD",
            "id": "CNVD-2014-06087",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-004283",
            "trust": 0.8
          },
          {
            "db": "IVD",
            "id": "DCF002D8-2351-11E6-ABEF-000C29C66E3D",
            "trust": 0.2
          },
          {
            "db": "VULHUB",
            "id": "VHN-73353",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "dcf002d8-2351-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2014-06087"
          },
          {
            "db": "VULHUB",
            "id": "VHN-73353"
          },
          {
            "db": "BID",
            "id": "69840"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201409-657"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-004283"
          },
          {
            "db": "NVD",
            "id": "CVE-2014-5412"
          }
        ]
      },
      "id": "VAR-201409-0723",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "IVD",
            "id": "dcf002d8-2351-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2014-06087"
          },
          {
            "db": "VULHUB",
            "id": "VHN-73353"
          }
        ],
        "trust": 1.9
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "ICS"
            ],
            "sub_category": null,
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "dcf002d8-2351-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2014-06087"
          }
        ]
      },
      "last_update_date": "2025-11-18T15:15:10.874000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "StruxureWare SCADA Expert ClearSCADA",
            "trust": 0.8,
            "url": "http://www.schneider-electric.com/products/ww/en/5100-software/5135-operating-monitoring/61264-struxureware-scada-expert-clearscada/?xtmc=ClearSCADA\u0026xtcr=1"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-004283"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-264",
            "trust": 1.9
          },
          {
            "problemtype": "CWE-287",
            "trust": 1.0
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-73353"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-004283"
          },
          {
            "db": "NVD",
            "id": "CVE-2014-5412"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.8,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-14-259-01"
          },
          {
            "trust": 1.0,
            "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-14-259-01a"
          },
          {
            "trust": 1.0,
            "url": "https://github.com/cisagov/csaf/blob/develop/csaf_files/ot/white/2014/icsa-14-259-01a.json"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-5412"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-5412"
          },
          {
            "trust": 0.6,
            "url": "http://www.securityfocus.com/bid/69840"
          },
          {
            "trust": 0.3,
            "url": "http://www.schneider-electric.com/products/ww/en/"
          },
          {
            "trust": 0.3,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-14-259-01a"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2014-06087"
          },
          {
            "db": "VULHUB",
            "id": "VHN-73353"
          },
          {
            "db": "BID",
            "id": "69840"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201409-657"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-004283"
          },
          {
            "db": "NVD",
            "id": "CVE-2014-5412"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "IVD",
            "id": "dcf002d8-2351-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2014-06087"
          },
          {
            "db": "VULHUB",
            "id": "VHN-73353"
          },
          {
            "db": "BID",
            "id": "69840"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201409-657"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-004283"
          },
          {
            "db": "NVD",
            "id": "CVE-2014-5412"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2014-09-19T00:00:00",
            "db": "IVD",
            "id": "dcf002d8-2351-11e6-abef-000c29c66e3d"
          },
          {
            "date": "2014-09-19T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2014-06087"
          },
          {
            "date": "2014-09-18T00:00:00",
            "db": "VULHUB",
            "id": "VHN-73353"
          },
          {
            "date": "2014-09-16T00:00:00",
            "db": "BID",
            "id": "69840"
          },
          {
            "date": "2014-09-19T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201409-657"
          },
          {
            "date": "2014-09-19T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2014-004283"
          },
          {
            "date": "2014-09-18T10:55:11.687000",
            "db": "NVD",
            "id": "CVE-2014-5412"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2014-09-19T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2014-06087"
          },
          {
            "date": "2018-12-31T00:00:00",
            "db": "VULHUB",
            "id": "VHN-73353"
          },
          {
            "date": "2015-03-19T08:46:00",
            "db": "BID",
            "id": "69840"
          },
          {
            "date": "2014-09-19T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201409-657"
          },
          {
            "date": "2014-09-19T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2014-004283"
          },
          {
            "date": "2025-11-04T23:15:33.393000",
            "db": "NVD",
            "id": "CVE-2014-5412"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201409-657"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Schneider Electric ClearSCADA Remote Security Bypass Vulnerability",
        "sources": [
          {
            "db": "IVD",
            "id": "dcf002d8-2351-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2014-06087"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "permissions and access control",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201409-657"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201403-0444

    Vulnerability from variot - Updated: 2025-09-25 23:18

    The PLC driver in ServerMain.exe in the Kepware KepServerEX 4 component in Schneider Electric StruxureWare SCADA Expert ClearSCADA 2010 R2 build 71.4165, 2010 R2.1 build 71.4325, 2010 R3 build 72.4560, 2010 R3.1 build 72.4644, 2013 R1 build 73.4729, 2013 R1.1 build 73.4832, 2013 R1.1a build 73.4903, 2013 R1.2 build 73.4955, and 2013 R2 build 74.5094 allows remote attackers to cause a denial of service (application crash) via a crafted OPF file (aka project file). This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Schneider-Electric ClearSCADA. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of OPF files. The issue lies in a failure to validate a length specifier before using it as an index into an array. An attacker can leverage this vulnerability to execute code under the context of the current process. Schneider Electric ClearSCADA is an open software platform that enables remote management of critical architectures. Schneider ClearSCADA has security holes in the implementation of parsing project files. Exploitation requires that the "PLC Driver" be installed. Schneider Electric ClearSCADA is prone to a remote code-execution vulnerability. Failed exploit attempts may result in a denial-of-service condition. The descriptions combined in this entry differ on impact (application crash versus code execution in the context of the current process); for triage, assume the more severe of the two.


    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201403-0444",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "clearscada",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "aveva",
            "version": "2013"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 1.0,
            "vendor": "clearscada",
            "version": "2013"
          },
          {
            "model": "clearscada",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "aveva",
            "version": "2010"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.8,
            "vendor": "clearscada",
            "version": "2010"
          },
          {
            "model": "clearscada",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "schneider electric",
            "version": "2010 r2 (build 71.4165)"
          },
          {
            "model": "clearscada",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "schneider electric",
            "version": "2010 r2.1 (build 71.4325)"
          },
          {
            "model": "clearscada",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "schneider electric",
            "version": "2010 r3 (build 72.4560)"
          },
          {
            "model": "clearscada",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "schneider electric",
            "version": "2010 r3.1 (build 72.4644)"
          },
          {
            "model": "scada expert clearscada",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "schneider electric",
            "version": "2013 r1 (build 73.4729)"
          },
          {
            "model": "scada expert clearscada",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "schneider electric",
            "version": "2013 r1.1 (build 73.4832)"
          },
          {
            "model": "scada expert clearscada",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "schneider electric",
            "version": "2013 r1.1a (build 73.4903)"
          },
          {
            "model": "scada expert clearscada",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "schneider electric",
            "version": "2013 r1.2 (build 73.4955)"
          },
          {
            "model": "scada expert clearscada",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "schneider electric",
            "version": "2013 r2 (build 74.5094)"
          },
          {
            "model": "clearscada",
            "scope": null,
            "trust": 0.7,
            "vendor": "schneider electric",
            "version": null
          },
          {
            "model": "electric clearscada",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "schneider",
            "version": "2013"
          },
          {
            "model": "electric clearscada",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "schneider",
            "version": "2010"
          },
          {
            "model": "clearscada",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "schneider electric",
            "version": "2010"
          },
          {
            "model": "scada expert clearscada",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "schneider electric",
            "version": "2013"
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "285fdc02-2352-11e6-abef-000c29c66e3d"
          },
          {
            "db": "ZDI",
            "id": "ZDI-14-059"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2014-01024"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201403-250"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-001653"
          },
          {
            "db": "NVD",
            "id": "CVE-2014-0779"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/a:schneider_electric:clearscada",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:schneider_electric:scada_expert_clearscada",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-001653"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Andrew Brooks",
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-14-059"
          },
          {
            "db": "BID",
            "id": "65476"
          }
        ],
        "trust": 1.0
      },
      "cve": "CVE-2014-0779",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "ics-cert@hq.dhs.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 6.8,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.6,
                "id": "CVE-2014-0779",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 3.5,
                "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "NONE",
                "baseScore": 5.0,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2014-01024",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "IVD",
                "availabilityImpact": "NONE",
                "baseScore": 5.0,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "285fdc02-2352-11e6-abef-000c29c66e3d",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.2,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
                "version": "2.9 [IVD]"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "PARTIAL",
                "baseScore": 6.8,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.6,
                "id": "VHN-68272",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.1,
                "vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "ics-cert@hq.dhs.gov",
                "id": "CVE-2014-0779",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2014-0779",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "CVE-2014-0779",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "ZDI",
                "id": "CVE-2014-0779",
                "trust": 0.7,
                "value": "MEDIUM"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2014-01024",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201403-250",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "IVD",
                "id": "285fdc02-2352-11e6-abef-000c29c66e3d",
                "trust": 0.2,
                "value": "MEDIUM"
              },
              {
                "author": "VULHUB",
                "id": "VHN-68272",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "285fdc02-2352-11e6-abef-000c29c66e3d"
          },
          {
            "db": "ZDI",
            "id": "ZDI-14-059"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2014-01024"
          },
          {
            "db": "VULHUB",
            "id": "VHN-68272"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201403-250"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-001653"
          },
          {
            "db": "NVD",
            "id": "CVE-2014-0779"
          },
          {
            "db": "NVD",
            "id": "CVE-2014-0779"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "The PLC driver in ServerMain.exe in the Kepware KepServerEX 4 component in Schneider Electric StruxureWare SCADA Expert ClearSCADA 2010 R2 build 71.4165, 2010 R2.1 build 71.4325, 2010 R3 build 72.4560, 2010 R3.1 build 72.4644, 2013 R1 build 73.4729, 2013 R1.1 build 73.4832, 2013 R1.1a build 73.4903, 2013 R1.2 build 73.4955, and 2013 R2 build 74.5094 allows remote attackers to cause a denial of service (application crash) via a crafted OPF file (aka project file). This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Schneider-Electric ClearSCADA.  User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the handling of OPF files.  The issue lies in a failure to validate a length specifier before using it as an index into an array.  An attacker can leverage this vulnerability to execute code under the context of the current process. Schneider Electric ClearSCADA is an open software platform that enables remote management of critical architectures. Schneider ClearSCADA has security holes in the implementation of parsing project files. To exploit this vulnerability you need to install the \\\"PLC Driver\\\". Schneider Electric ClearSCADA is prone to a remote code-execution vulnerability. Failed exploit attempts may result in a denial-of-service condition. 1a build 73.4903, 2013 R1.2 build 73.4955, 2013 R2 build 74.5094",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2014-0779"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-001653"
          },
          {
            "db": "ZDI",
            "id": "ZDI-14-059"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2014-01024"
          },
          {
            "db": "BID",
            "id": "65476"
          },
          {
            "db": "IVD",
            "id": "285fdc02-2352-11e6-abef-000c29c66e3d"
          },
          {
            "db": "VULHUB",
            "id": "VHN-68272"
          }
        ],
        "trust": 3.33
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2014-0779",
            "trust": 4.3
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-14-072-01",
            "trust": 2.5
          },
          {
            "db": "BID",
            "id": "65476",
            "trust": 1.0
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201403-250",
            "trust": 0.9
          },
          {
            "db": "CNVD",
            "id": "CNVD-2014-01024",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-001653",
            "trust": 0.8
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-1876",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-14-059",
            "trust": 0.7
          },
          {
            "db": "IVD",
            "id": "285FDC02-2352-11E6-ABEF-000C29C66E3D",
            "trust": 0.2
          },
          {
            "db": "VULHUB",
            "id": "VHN-68272",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "285fdc02-2352-11e6-abef-000c29c66e3d"
          },
          {
            "db": "ZDI",
            "id": "ZDI-14-059"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2014-01024"
          },
          {
            "db": "VULHUB",
            "id": "VHN-68272"
          },
          {
            "db": "BID",
            "id": "65476"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201403-250"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-001653"
          },
          {
            "db": "NVD",
            "id": "CVE-2014-0779"
          }
        ]
      },
      "id": "VAR-201403-0444",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "IVD",
            "id": "285fdc02-2352-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2014-01024"
          },
          {
            "db": "VULHUB",
            "id": "VHN-68272"
          }
        ],
        "trust": 1.9
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "ICS"
            ],
            "sub_category": null,
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "285fdc02-2352-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2014-01024"
          }
        ]
      },
      "last_update_date": "2025-09-25T23:18:43.147000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "SEVD 2014-024-01",
            "trust": 0.8,
            "url": "http://download.schneider-electric.com/files?p_Doc_Ref=SEVD%202014-024-01"
          },
          {
            "title": "Schneider Electric has issued an update to correct this vulnerability.",
            "trust": 0.7,
            "url": "http://ics-cert.us-cert.gov/advisories/ICSA-14-072-01"
          }
        ],
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-14-059"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-001653"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-119",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-68272"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-001653"
          },
          {
            "db": "NVD",
            "id": "CVE-2014-0779"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 3.2,
            "url": "http://ics-cert.us-cert.gov/advisories/icsa-14-072-01"
          },
          {
            "trust": 1.7,
            "url": "http://download.schneider-electric.com/files?p_doc_ref=sevd%202014-024-01"
          },
          {
            "trust": 1.0,
            "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-14-072-01"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0779"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-0779"
          },
          {
            "trust": 0.6,
            "url": "http://www.securityfocus.com/bid/65476"
          },
          {
            "trust": 0.3,
            "url": "http://www.schneider-electric.com/site/home/index.cfm/ww/?selectcountry=true"
          }
        ],
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-14-059"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2014-01024"
          },
          {
            "db": "VULHUB",
            "id": "VHN-68272"
          },
          {
            "db": "BID",
            "id": "65476"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201403-250"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-001653"
          },
          {
            "db": "NVD",
            "id": "CVE-2014-0779"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "IVD",
            "id": "285fdc02-2352-11e6-abef-000c29c66e3d"
          },
          {
            "db": "ZDI",
            "id": "ZDI-14-059"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2014-01024"
          },
          {
            "db": "VULHUB",
            "id": "VHN-68272"
          },
          {
            "db": "BID",
            "id": "65476"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201403-250"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-001653"
          },
          {
            "db": "NVD",
            "id": "CVE-2014-0779"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2014-02-18T00:00:00",
            "db": "IVD",
            "id": "285fdc02-2352-11e6-abef-000c29c66e3d"
          },
          {
            "date": "2014-04-03T00:00:00",
            "db": "ZDI",
            "id": "ZDI-14-059"
          },
          {
            "date": "2014-02-18T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2014-01024"
          },
          {
            "date": "2014-03-14T00:00:00",
            "db": "VULHUB",
            "id": "VHN-68272"
          },
          {
            "date": "2014-01-24T00:00:00",
            "db": "BID",
            "id": "65476"
          },
          {
            "date": "2014-03-18T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201403-250"
          },
          {
            "date": "2014-03-17T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2014-001653"
          },
          {
            "date": "2014-03-14T10:55:05.803000",
            "db": "NVD",
            "id": "CVE-2014-0779"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2014-04-03T00:00:00",
            "db": "ZDI",
            "id": "ZDI-14-059"
          },
          {
            "date": "2014-02-18T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2014-01024"
          },
          {
            "date": "2018-12-31T00:00:00",
            "db": "VULHUB",
            "id": "VHN-68272"
          },
          {
            "date": "2015-03-19T09:33:00",
            "db": "BID",
            "id": "65476"
          },
          {
            "date": "2014-03-18T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201403-250"
          },
          {
            "date": "2014-03-17T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2014-001653"
          },
          {
            "date": "2025-09-24T22:15:35.147000",
            "db": "NVD",
            "id": "CVE-2014-0779"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201403-250"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Schneider Electric StruxureWare SCADA Expert ClearSCADA of  Kepware KepServerEX 4 Component  ServerMain.exe Inside  PLC Service disruption in drivers  (DoS) Vulnerabilities",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-001653"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Buffer overflow",
        "sources": [
          {
            "db": "IVD",
            "id": "285fdc02-2352-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201403-250"
          }
        ],
        "trust": 0.8
      }
    }