AVEVA Software Platform Common Services (PCS) Portal versions 4.5.2, 4.5.1, 4.5.0, and 4.4.6 are vulnerable to DLL hijacking through an uncontrolled search path element, which may allow an attacker control to one or more locations in the search path.
oryginał ENCVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:HAveva Batch Management
APPAveva2020Aveva Enterprise Data Management
APPAveva2020Aveva Manufacturing Execution System
APPAveva2020Aveva Mobile Operator
APPAveva2020Aveva Platform Common Services
APPAveva4.4.64.5.04.5.14.5.2Aveva System Platform
APPAveva2020Aveva Work Tasks
APPAveva2020
Powiązane podatności
The vulnerability, if exploited, could allow a malicious entity with access to the file system to achieve arb...
This privilege escalation vulnerability, if exploited, cloud allow a local OS-authenticated user with standar...
AVEVA System Platform 2020 stores sensitive information in cleartext, which may allow access to an attacker or...
AVEVA System Platform versions 2017 through 2020 R2 P01 does not perform any authentication for functionality ...
AVEVA System Platform versions 2017 through 2020 R2 P01 does not verify, or incorrectly verifies, the cryptogr...