CVE-2018-10628
published 2018-07-24

CVE-2018-10628: AVEVA InTouch 2014 R2 SP1 and prior, InTouch 2017, InTouch 2017 Update 1, and InTouch 2017 Update 2 allow an unauthenticated user to send a specially crafted…

Priority: P262 | critical | 9.8 (CVSS 3.0)
AV:N / AC:L / PR:N / UI:N / S:U / C:H / I:H / A:H
EPSS: 5.43% (91.7th percentile)
AVEVA InTouch 2014 R2 SP1 and prior, InTouch 2017, InTouch 2017 Update 1, and InTouch 2017 Update 2 allow an unauthenticated user to send a specially crafted packet that could overflow the buffer on a locale not using a dot floating point separator. Exploitation could allow remote code execution under the privileges of the InTouch View process.

Affected

5 ranges
Vendor | Product | Version range | Fixed in
aveva | intouch_2014 | |
aveva_software_llc | intouch | |
aveva_software_llc | intouch | |
aveva_software_llc | intouch | |
aveva_software_llc | intouch | |

Detection & IOCs (extracted from sources)

  • Vulnerability is a stack-based buffer overflow triggered by a specially crafted network packet sent to the InTouch View process; monitor for unexpected remote connections to InTouch HMI systems and anomalous process behavior under the InTouch View process.
  • No authentication is required to trigger the vulnerability; any unauthenticated inbound network packet to the InTouch service should be treated as suspicious in hardened environments.
  • Exploitation is only possible on systems where the OS locale does NOT use a dot ('.') as the floating point separator (e.g., locales using comma as decimal separator); scope detection efforts to such locale configurations.
  • Only systems running affected versions (InTouch 2014 R2 SP1 and prior, InTouch 2017, 2017 Update 1, 2017 Update 2) AND configured with a non-dot floating point locale are exploitable; patched or dot-locale systems are not vulnerable.
  • No known public exploits exist for this vulnerability at time of advisory publication; risk is elevated but active exploitation in the wild was not confirmed.

CVSS provenance

nvd | v3.0 | 9.8 | CRITICAL | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd | v2.0 | 7.5 | HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P