CVE-2019-6543
Published Feb 13, 2019
Last updated 2 years ago
Overview
- Description
- AVEVA Software, LLC InduSoft Web Studio prior to Version 8.1 SP3 and InTouch Edge HMI (formerly InTouch Machine Edition) prior to Version 2017 Update. Code is executed under the program runtime privileges, which could lead to the compromise of the machine.
- Source
- ics-cert@hq.dhs.gov
- NVD status
- Analyzed
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 9.8
- Impact score
- 5.9
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- CRITICAL
CVSS 2.0
- Type
- Primary
- Base score
- 10
- Impact score
- 10
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:C/I:C/A:C
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:aveva:indusoft_web_studio:6.1:sp5:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4C7C2429-3A6B-4552-B12D-CBA00563907D"
},
{
"criteria": "cpe:2.3:a:aveva:indusoft_web_studio:6.1:sp6_p3:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "05020B8D-DB30-4BDA-9BD3-0C7C4804859B"
},
{
"criteria": "cpe:2.3:a:aveva:indusoft_web_studio:7.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "55E9450D-F600-4DC6-8C72-8D79974B6802"
},
{
"criteria": "cpe:2.3:a:aveva:indusoft_web_studio:7.1:sp1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D2CB5BAC-BFCE-41C2-A25C-3E6CB218FBD6"
},
{
"criteria": "cpe:2.3:a:aveva:indusoft_web_studio:7.1:sp2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FBFEECD4-C454-4A47-9B81-91699C325DC3"
},
{
"criteria": "cpe:2.3:a:aveva:indusoft_web_studio:7.1:sp3:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A62CC412-F399-40B7-8000-A4A707F7F6F1"
},
{
"criteria": "cpe:2.3:a:aveva:indusoft_web_studio:7.1:sp3_p1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "127CC5C8-822A-4630-813E-5AE39BEBD5A2"
},
{
"criteria": "cpe:2.3:a:aveva:indusoft_web_studio:7.1:sp3_p2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3D90DF6B-B281-48D3-8672-25294990E611"
},
{
"criteria": "cpe:2.3:a:aveva:indusoft_web_studio:7.1:sp3_p3:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8721C8BE-1946-4030-B056-67A6B42BCDCA"
},
{
"criteria": "cpe:2.3:a:aveva:indusoft_web_studio:7.1:sp3_p4:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C07C446B-6125-46D7-BDC4-11849BA6A72D"
},
{
"criteria": "cpe:2.3:a:aveva:indusoft_web_studio:7.1:sp3_p5:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8D4A9403-5D1E-464F-8B40-D554F4A7C3AE"
},
{
"criteria": "cpe:2.3:a:aveva:indusoft_web_studio:7.1:sp3_p6:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FDFC8512-2971-48C3-9576-0FA74B59406B"
},
{
"criteria": "cpe:2.3:a:aveva:indusoft_web_studio:7.1:sp3_p7:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D2991440-E8EB-4AB1-A861-2A263C443DEF"
},
{
"criteria": "cpe:2.3:a:aveva:indusoft_web_studio:7.1:sp3_p8:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "23DA9BCB-F9BD-4F9F-A77E-95210C270539"
},
{
"criteria": "cpe:2.3:a:aveva:indusoft_web_studio:7.1:sp3_p9:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AD1C359C-61FA-4E5F-81CA-991BCB8CD9A8"
},
{
"criteria": "cpe:2.3:a:aveva:indusoft_web_studio:8.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D07A836A-535F-437E-BD25-1D833BD63327"
},
{
"criteria": "cpe:2.3:a:aveva:indusoft_web_studio:8.0:p1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AAD4BA73-691D-4E12-936C-7B0F0A0AFF0F"
},
{
"criteria": "cpe:2.3:a:aveva:indusoft_web_studio:8.0:p2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D515729F-9316-470F-8D18-34B674E8F5D4"
},
{
"criteria": "cpe:2.3:a:aveva:indusoft_web_studio:8.0:p3:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "542A2064-3D3D-4EF0-AEF5-3D8C45BD8CA6"
},
{
"criteria": "cpe:2.3:a:aveva:indusoft_web_studio:8.0:sp1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3C282BFD-02D9-4F80-BBD9-B84B0703D07A"
},
{
"criteria": "cpe:2.3:a:aveva:indusoft_web_studio:8.0:sp1_p1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "92E5DA1B-459C-44B2-9E0B-2B88C985DA98"
},
{
"criteria": "cpe:2.3:a:aveva:indusoft_web_studio:8.0:sp2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "186D0227-8791-44E0-8B80-2AE0427B69D7"
},
{
"criteria": "cpe:2.3:a:aveva:indusoft_web_studio:8.0:sp2_p1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DDA36D8C-6CE2-4C5B-A4E2-68031D97516D"
},
{
"criteria": "cpe:2.3:a:aveva:indusoft_web_studio:8.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F7B550C6-160F-480D-8B70-92C6D236C3EA"
},
{
"criteria": "cpe:2.3:a:aveva:indusoft_web_studio:8.1:p1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2C809DC5-73DC-4E00-ABAB-558844CE2103"
},
{
"criteria": "cpe:2.3:a:aveva:indusoft_web_studio:8.1:sp1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BC7F3AAD-E423-4CA2-BB78-AC7B081338D3"
},
{
"criteria": "cpe:2.3:a:aveva:indusoft_web_studio:8.1:sp1_p1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "870D0F41-F2CE-4693-8815-5527A6E5ECD9"
},
{
"criteria": "cpe:2.3:a:aveva:indusoft_web_studio:8.1:sp2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CBA02828-7756-4F12-9F3A-DBBD20AFEAF7"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:aveva:intouch_machine_edition_2014:r2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "67AB4CF8-A2C6-4B0D-87EB-62617943F705"
}
],
"operator": "OR"
}
]
}
]