CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2019-6543

AVEVA Software, LLC InduSoft Web Studio prior to Version 8.1 SP3 and InTouch Edge HMI (formerly InTouch Machine Edition) prior to Version 2017 Update. Code is executed under the program runtime privileges, which could lead to the compromise of the machine.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.363

EPSS Ranking 96.9%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 10.0

References

https://ics-cert.us-cert.gov/advisories/ICSA-19-036-01
https://www.exploit-db.com/exploits/46342/
https://www.tenable.com/security/research/tra-2019-04
https://ics-cert.us-cert.gov/advisories/ICSA-19-036-01
https://www.exploit-db.com/exploits/46342/
https://www.tenable.com/security/research/tra-2019-04

Products affected by CVE-2019-6543

Aveva » Indusoft Web Studio » Version: 6.1

cpe:2.3:a:aveva:indusoft_web_studio:6.1
Aveva » Indusoft Web Studio » Version: 7.1

cpe:2.3:a:aveva:indusoft_web_studio:7.1
Aveva » Indusoft Web Studio » Version: 8.0

cpe:2.3:a:aveva:indusoft_web_studio:8.0
Aveva » Indusoft Web Studio » Version: 8.1

cpe:2.3:a:aveva:indusoft_web_studio:8.1
Aveva » Intouch Machine Edition 2014 » Version: r2

cpe:2.3:a:aveva:intouch_machine_edition_2014:r2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-6543

Products

Pricing

Contact Us