Known Vulnerabilities for products from Aveva
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Aveva".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Additional devices specifications by Aveva can be found at device.report : Aveva
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2023-34348 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 7.5 - HIGH | 2024-01-18 | 2024-01-26 |
| CVE-2023-31274 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 5.3 - MEDIUM | 2024-01-18 | 2024-01-26 |
| CVE-2023-1256 json | The listed versions of AVEVA Plant SCADA and AVEVA Telemetry Server are vulnerable to an improper authorization exploit which... | 9.8 - CRITICAL | 2023-03-16 | 2023-11-07 |
| CVE-2022-36970 json | This vulnerability allows remote attackers to execute arbitrary code on affected installations of AVEVA Edge 20.0 Build: 4201... | 7.8 - HIGH | 2023-03-29 | 2023-04-06 |
| CVE-2022-36969 json | This vulnerability allows remote attackers to disclose sensitive information on affected installations of AVEVA Edge 2020 SP2... | 7.1 - HIGH | 2023-03-29 | 2023-04-06 |
| CVE-2022-28688 json | This vulnerability allows remote attackers to execute arbitrary code on affected installations of AVEVA Edge 2020 SP2 Patch 0... | 7.8 - HIGH | 2023-03-29 | 2023-04-05 |
| CVE-2022-28687 json | This vulnerability allows remote attackers to execute arbitrary code on affected installations of AVEVA Edge 2020 SP2 Patch 0... | 7.8 - HIGH | 2023-03-29 | 2023-04-05 |
| CVE-2022-28686 json | This vulnerability allows remote attackers to execute arbitrary code on affected installations of AVEVA Edge 2020 SP2 Patch 0... | 7.8 - HIGH | 2023-03-29 | 2023-04-05 |
| CVE-2022-28685 json | This vulnerability allows remote attackers to execute arbitrary code on affected installations of AVEVA Edge 2020 SP2 Patch 0... | 7.8 - HIGH | 2023-03-29 | 2023-04-05 |
| CVE-2022-23854 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 7.5 - HIGH | 2022-12-23 | 2024-01-19 |
| CVE-2022-1467 json | Windows OS can be configured to overlay a “language bar” on top of any application. When this OS functionality is enabled... | 9.9 - CRITICAL | 2022-05-23 | 2022-06-07 |
| CVE-2022-0835 json | AVEVA System Platform 2020 stores sensitive information in cleartext, which may allow access to an attacker or a low-privileg... | 5.5 - MEDIUM | 2022-04-11 | 2022-04-18 |
| CVE-2021-42797 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 7.5 - HIGH | 2023-12-16 | 2023-12-20 |
| CVE-2021-42796 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 9.8 - CRITICAL | 2023-12-16 | 2023-12-20 |
| CVE-2021-42794 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 5.3 - MEDIUM | 2023-12-16 | 2023-12-20 |
| CVE-2021-38410 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 7.8 - HIGH | 2022-07-27 | 2022-08-04 |
| CVE-2021-33010 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 7.5 - HIGH | 2022-04-04 | 2022-04-13 |
| CVE-2021-33008 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 9.8 - CRITICAL | 2022-04-04 | 2022-04-13 |
| CVE-2021-32999 json | Improper handling of exceptional conditions in SuiteLink server while processing command 0x01 | 7.5 - HIGH | 2021-09-23 | 2021-10-01 |
| CVE-2021-32987 json | Null pointer dereference in SuiteLink server while processing command 0x0b | 7.5 - HIGH | 2021-09-23 | 2021-10-01 |
Known software with vulnerabilities from Aveva
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Aveva | Clearscada | 2005 |
| Application | Aveva | Edna Enterprise Data Historian | 3.0.1.2\/7.5.4989.33053 |
| Hardware | Aveva | Iec870ip | - |
| Operating System | Aveva | Iec870ip Firmware | 4.14.02 |
| Application | Aveva | Indusoft Web Studio | 6.1 |
| Application | Aveva | Wonderware System Platform | 2014 |