Aveva Intouch vulnerabilities

CVE-2024-7113 [HIGH] CWE-770 CVE-2024-7113: If exploited, this vulnerability could cause a SuiteLink server to consume excessive system resource If exploited, this vulnerability could cause a SuiteLink server to consume excessive system resources and slow down processing of Data I/O for the duration of the attack.

CVE-2023-33873 [HIGH] CWE-250 CVE-2023-33873: This privilege escalation vulnerability, if exploited, cloud allow a local OS-authenticated user wi This privilege escalation vulnerability, if exploited, cloud allow a local OS-authenticated user with standard privileges to escalate to System privilege on the machine where these products are installed, resulting in complete compromise of the target machine.

CVE-2023-34982 [HIGH] CWE-73 CVE-2023-34982: This external control vulnerability, if exploited, could allow a local OS-authenticated user with s This external control vulnerability, if exploited, could allow a local OS-authenticated user with standard privileges to delete files with System privilege on the machine where these products are installed, resulting in denial of service.

CVE-2021-32942 [MEDIUM] CWE-316 CVE-2021-32942: The vulnerability could expose cleartext credentials from AVEVA InTouch Runtime 2020 R2 and all prio The vulnerability could expose cleartext credentials from AVEVA InTouch Runtime 2020 R2 and all prior versions (WindowViewer) if an authorized, privileged user creates a diagnostic memory dump of the process and saves it to a non-protected location.