Products

Solutions

Company

Book A Live Demo

CVE-2018-10628 : Security Advisory and Response

Learn about CVE-2018-10628 affecting AVEVA InTouch software versions 2014 R2 SP1 and earlier, InTouch 2017, InTouch 2017 Update 1, and InTouch 2017 Update 2. Discover the impact, technical details, and mitigation steps.

CVE-2018-10628, affecting AVEVA InTouch software, involves a vulnerability that allows unauthenticated users to trigger a buffer overflow, potentially leading to remote code execution.

Understanding CVE-2018-10628

CVE-2018-10628 is a security vulnerability in AVEVA InTouch software versions 2014 R2 SP1 and earlier, InTouch 2017, InTouch 2017 Update 1, and InTouch 2017 Update 2.

What is CVE-2018-10628?

The vulnerability in AVEVA InTouch software versions allows unauthenticated users to exploit a buffer overflow by sending a specially crafted packet, potentially leading to remote code execution.

The Impact of CVE-2018-10628

If successfully exploited, this vulnerability could result in remote code execution with the privileges of the InTouch View process.

Technical Details of CVE-2018-10628

CVE-2018-10628 is classified as a STACK-BASED BUFFER OVERFLOW (CWE-121) vulnerability.

Vulnerability Description

The vulnerability in AVEVA InTouch software versions 2014 R2 SP1 and earlier, InTouch 2017, InTouch 2017 Update 1, and InTouch 2017 Update 2 allows unauthenticated users to trigger a buffer overflow by sending a carefully designed packet.

Affected Systems and Versions

Product: InTouch

Vendor: AVEVA Software, LLC.

Affected Versions: 2014 R2 SP1 and prior, 2017, 2017 Update 1, 2017 Update 2

Exploitation Mechanism

Exploitation of this vulnerability involves sending a specially crafted packet that triggers a buffer overflow on systems not using a dot as a floating point separator.

Mitigation and Prevention

It is crucial to take immediate steps to address and prevent the exploitation of CVE-2018-10628.

Immediate Steps to Take

Apply security patches provided by the vendor.

Implement network segmentation to limit exposure.

Monitor network traffic for signs of exploitation.

Long-Term Security Practices

Regularly update software and systems to the latest versions.

Conduct security assessments and penetration testing.

Patching and Updates

Stay informed about security bulletins and updates from AVEVA Software, LLC.

CVE-2018-10628 : Security Advisory and Response

Understanding CVE-2018-10628

What is CVE-2018-10628?

The Impact of CVE-2018-10628

Technical Details of CVE-2018-10628

Vulnerability Description

Affected Systems and Versions

Exploitation Mechanism

Mitigation and Prevention

Immediate Steps to Take

Long-Term Security Practices

Patching and Updates

Popular CVEs

CVE Id

Published Date

Is your System Free of Underlying Vulnerabilities?
Find Out Now

CVE-2018-10628 : Security Advisory and Response

.css-lczsrn{margin:0;font-family:Inter;font-weight:400;font-size:1.2857142857142858rem;line-height:1.5;color:#161857;text-align:left;font-size:24px;font-weight:700;margin-top:1rem;font-family:sans-serif;}Understanding CVE-2018-10628

.css-ru2q5j{margin:0;font-family:Inter;font-weight:400;font-size:1.2857142857142858rem;line-height:1.5;color:#161857;text-align:left;font-size:1.2rem;font-weight:700;margin-top:1rem;margin-bottom:0rem;font-family:sans-serif;}What is CVE-2018-10628?

The Impact of CVE-2018-10628

Technical Details of CVE-2018-10628

Vulnerability Description

Affected Systems and Versions

Exploitation Mechanism

Mitigation and Prevention

Immediate Steps to Take

Long-Term Security Practices

Patching and Updates

Popular CVEs

CVE Id

Published Date

Is your System Free of Underlying Vulnerabilities? Find Out Now

Understanding CVE-2018-10628

What is CVE-2018-10628?

Is your System Free of Underlying Vulnerabilities?
Find Out Now