Wonderware » Intouch : Security Vulnerabilities, CVEs,

CVE-2015-1009

Schneider Electric InduSoft Web Studio before 7.1.3.5 Patch 5 and Wonderware InTouch Machine Edition through 7.1 SP3 Patch 4 use cleartext for project-window password storage, which allows local users to obtain sensitive information by reading a file.
Max CVSS
1.7
EPSS Score
0.04%
Published
2015-08-01
Updated
2015-08-04

CVE-2008-2005

The SuiteLink Service (aka slssvc.exe) in WonderWare SuiteLink before 2.0 Patch 01, as used in WonderWare InTouch 8.0, allows remote attackers to cause a denial of service (NULL pointer dereference and service shutdown) and possibly execute arbitrary code via a large length value in a Registration packet to TCP port 5413, which causes a memory allocation failure.
Max CVSS
5.0
EPSS Score
83.42%
Published
2008-05-06
Updated
2018-10-11

CVE-2007-6033

Invensys Wonderware InTouch 8.0 creates a NetDDE share with insecure permissions (Everyone/Full Control), which allows remote authenticated attackers, and possibly anonymous users, to execute arbitrary programs.
Max CVSS
9.0
EPSS Score
0.83%
Published
2007-11-20
Updated
2024-01-25
3 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close