Vulnerability Details CVE-2021-32985
AVEVA System Platform versions 2017 through 2020 R2 P01 does not properly verify that the source of data or communication is valid.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 26.0%
CVSS Severity
CVSS v3 Score 7.2
CVSS v2 Score 6.5
References
- https://www.aveva.com/content/dam/aveva/documents/support/cyber-security-updates/SecurityBulletin_AVEVA-2021-002.pdf
- https://www.cisa.gov/uscert/ics/advisories/icsa-21-180-05
- https://www.aveva.com/content/dam/aveva/documents/support/cyber-security-updates/SecurityBulletin_AVEVA-2021-002.pdf
- https://www.cisa.gov/uscert/ics/advisories/icsa-21-180-05
Products affected by CVE-2021-32985
-
cpe:2.3:a:aveva:system_platform:2017
-
cpe:2.3:a:aveva:system_platform:2020