Known Vulnerabilities for products from Invensys
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Invensys".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2014-5399 json | SQL injection vulnerability in Schneider Electric Wonderware Information Server (WIS) Portal 4.0 SP1 through 5.5 allows remot... | 7.5 - HIGH | 2014-08-28 | 2015-11-02 |
| CVE-2014-5398 json | Schneider Electric Wonderware Information Server (WIS) Portal 4.0 SP1 through 5.5 allows remote attackers to read arbitrary f... | 2.1 - LOW | 2014-08-28 | 2014-08-28 |
| CVE-2014-5397 json | Cross-site scripting (XSS) vulnerability in Schneider Electric Wonderware Information Server (WIS) Portal 4.0 SP1 through 5.5... | 4.3 - MEDIUM | 2014-08-28 | 2015-10-21 |
| CVE-2014-2381 json | Schneider Electric Wonderware Information Server (WIS) Portal 4.0 SP1 through 5.5 uses weak encryption, which allows local us... | 2.1 - LOW | 2014-08-28 | 2014-08-28 |
| CVE-2014-2380 json | Schneider Electric Wonderware Information Server (WIS) Portal 4.0 SP1 through 5.5 uses weak encryption, which allows remote a... | 7.8 - HIGH | 2014-08-28 | 2014-08-28 |
| CVE-2013-0688 json | Cross-site scripting (XSS) vulnerability in Invensys Wonderware Information Server (WIS) 4.0 SP1SP1, 4.5- Portal, and 5.0- Po... | Not Provided | 2013-05-09 | 2026-04-29 |
| CVE-2013-0686 json | Invensys Wonderware Information Server (WIS) 4.0 SP1SP1, 4.5- Portal, and 5.0- Portal allows remote attackers to read arbitra... | Not Provided | 2013-05-09 | 2026-04-29 |
| CVE-2013-0685 json | Invensys Wonderware Information Server (WIS) 4.0 SP1SP1, 4.5- Portal, and 5.0- Portal does not restrict unspecified size and ... | Not Provided | 2013-05-09 | 2026-04-29 |
| CVE-2013-0684 json | SQL injection vulnerability in Invensys Wonderware Information Server (WIS) 4.0 SP1SP1, 4.5- Portal, and 5.0- Portal allows r... | Not Provided | 2013-05-09 | 2026-04-29 |
| CVE-2012-4710 json | Invensys Wonderware Win-XML Exporter 1522.148.0.0 allows remote attackers to read arbitrary files, send HTTP requests to intr... | Not Provided | 2013-04-04 | 2026-04-29 |
| CVE-2012-4709 json | Invensys Wonderware InTouch HMI 2012 R2 and earlier allows remote attackers to read arbitrary files, send HTTP requests to in... | Not Provided | 2013-10-13 | 2026-04-29 |
| CVE-2012-4693 json | Invensys Wonderware InTouch 2012 R2 and earlier and Siemens ProcessSuite use a weak encryption algorithm for data in Ps_secur... | Not Provided | 2012-12-18 | 2026-04-29 |
| CVE-2012-3847 json | slssvc.exe in Invensys Wonderware SuiteLink in Invensys InTouch 2012 and Wonderware Application Server 2012 allows remote att... | Not Provided | 2012-07-05 | 2026-04-29 |
| CVE-2012-3007 json | Stack-based buffer overflow in slssvc.exe before 58.x in Invensys Wonderware SuiteLink in the Invensys System Platform softwa... | Not Provided | 2012-07-05 | 2026-04-29 |
| CVE-2012-3005 json | Untrusted search path vulnerability in Invensys Wonderware InTouch 2012 and earlier, as used in Wonderware Application Server... | Not Provided | 2012-07-26 | 2026-04-29 |
| CVE-2012-0258 json | Heap-based buffer overflow in the WWCabFile ActiveX component in the Wonderware System Platform in Invensys Wonderware Applic... | Not Provided | 2012-04-02 | 2026-04-29 |
| CVE-2012-0257 json | Heap-based buffer overflow in the WWCabFile ActiveX component in the Wonderware System Platform in Invensys Wonderware Applic... | Not Provided | 2012-04-02 | 2026-04-29 |
| CVE-2012-0228 json | Invensys Wonderware Information Server 4.0 SP1 and 4.5 does not properly implement client controls, which allows remote attac... | Not Provided | 2012-04-02 | 2026-04-29 |
| CVE-2012-0226 json | SQL injection vulnerability in Invensys Wonderware Information Server 4.0 SP1 and 4.5 allows remote attackers to execute arbi... | Not Provided | 2012-04-02 | 2026-04-29 |
| CVE-2012-0225 json | Cross-site scripting (XSS) vulnerability in Invensys Wonderware Information Server 4.0 SP1 and 4.5 allows remote attackers to... | Not Provided | 2012-04-02 | 2026-04-29 |
Known software with vulnerabilities from Invensys
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Invensys | Dasabcip | 4.1 |
| Application | Invensys | Daserver Runtime Components | 3.0 |
| Application | Invensys | Dassidirect | 2.0 |
| Application | Invensys | Foxboro Control Software | 3.1 |
| Application | Invensys | Infusion Ce/fe/scada | 2.5 |
| Application | Invensys | Infusion Integrated Engineering Environment | - |
| Application | Invensys | Intouch | 2012 |
| Application | Invensys | Intouch/wonderware Application Server | 10.0 |
| Application | Invensys | Wonderware Application Server | 2.0 |
| Application | Invensys | Wonderware Archestra Configuration Access Component Activex Control | - |
| Application | Invensys | Wonderware Archestra Integrated Development Environment | - |
| Application | Invensys | Wonderware Historian | 10.0 |
| Application | Invensys | Wonderware Inbatch | 8.1 |
| Application | Invensys | Wonderware Information Server | 3.1 |
| Application | Invensys | Wonderware Intouch | 2012 |