CVE-2018-8840

A remote attacker could send a carefully crafted packet in InduSoft Web Studio v8.1 and prior versions, and/or InTouch Machine Edition 2017 v8.1 and prior versions during a tag, alarm, or event related action such as read and write, which may allow remote code execution.
Configurations

Configuration 1 (hide)

cpe:2.3:a:indusoft:web_studio:*:*:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:a:industrial-software:intouch_machine_edition_2017:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2018-04-18 20:29

Updated : 2024-02-04 19:46


NVD link : CVE-2018-8840

Mitre link : CVE-2018-8840

CVE.ORG link : CVE-2018-8840


JSON object : View

Products Affected

industrial-software

  • intouch_machine_edition_2017

indusoft

  • web_studio
CWE
CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CWE-121

Stack-based Buffer Overflow