CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2021-32942

The vulnerability could expose cleartext credentials from AVEVA InTouch Runtime 2020 R2 and all prior versions (WindowViewer) if an authorized, privileged user creates a diagnostic memory dump of the process and saves it to a non-protected location.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 13.1%

CVSS Severity

CVSS v3 Score 6.6

CVSS v2 Score 2.1

References

https://us-cert.cisa.gov/ics/advisories/icsa-21-159-03
https://www.aveva.com/en/support/cyber-security-updates/
https://us-cert.cisa.gov/ics/advisories/icsa-21-159-03
https://www.aveva.com/en/support/cyber-security-updates/

Products affected by CVE-2021-32942

Aveva » Intouch 2017 » Version: N/A

cpe:2.3:a:aveva:intouch_2017:-
Aveva » Intouch 2020 » Version: N/A

cpe:2.3:a:aveva:intouch_2020:-
Aveva » Intouch 2020 » Version: r2

cpe:2.3:a:aveva:intouch_2020:r2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-32942

Products

Pricing

Contact Us