Wonderware Intouch vulnerabilities
3 known vulnerabilities affecting wonderware/intouch.
Total CVEs
3
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM1LOW1
Vulnerabilities
Page 1 of 1
CVE-2008-2005P3MEDIUMCVSS 5.0PoCv8.02008-05-06
CVE-2008-2005 [MEDIUM] CWE-399 CVE-2008-2005: The SuiteLink Service (aka slssvc.exe) in WonderWare SuiteLink before 2.0 Patch 01, as used in Wonde
The SuiteLink Service (aka slssvc.exe) in WonderWare SuiteLink before 2.0 Patch 01, as used in WonderWare InTouch 8.0, allows remote attackers to cause a denial of service (NULL pointer dereference and service shutdown) and possibly execute arbitrary code via a large length value in a Registration packet to TCP port 5413, which causes a memory allocat
nvd
CVE-2007-6033P3HIGHCVSS 8.8v8.02007-11-20
CVE-2007-6033 [HIGH] CWE-732 CVE-2007-6033: Invensys Wonderware InTouch 8.0 creates a NetDDE share with insecure permissions (Everyone/Full Cont
Invensys Wonderware InTouch 8.0 creates a NetDDE share with insecure permissions (Everyone/Full Control), which allows remote authenticated attackers, and possibly anonymous users, to execute arbitrary programs.
nvd
CVE-2015-1009P4LOWCVSS 1.7≤ 7.12015-08-01
CVE-2015-1009 [LOW] CWE-200 CVE-2015-1009: Schneider Electric InduSoft Web Studio before 7.1.3.5 Patch 5 and Wonderware InTouch Machine Edition
Schneider Electric InduSoft Web Studio before 7.1.3.5 Patch 5 and Wonderware InTouch Machine Edition through 7.1 SP3 Patch 4 use cleartext for project-window password storage, which allows local users to obtain sensitive information by reading a file.
nvd