GCVE - cpe:2.3:a:aveva:intouch:*:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:aveva:intouch:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	Aveva (`419325dd-398d-5d8e-98c9-e41c800a541d`)
Product	Intouch (`6876a58e-5e80-5569-b253-b11128730835`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2024-7113`	vulnerable	2026-06-03 14:58:05.069804	Allocation of Resources Without Limits or Throttling in AVEVA SuiteLink Server If exploited, this vulnerability could cause a SuiteLink server to consume excessive system resources and slow down processing of Data I/O for the duration of the attack. Published: 2024-08-13T16:26:32.285Z Updated: 2024-08-15T18:49:01.175Z Open on db.gcve.eu Reference links https://www.cisa.gov/news-events/ics-advisories/icsa-24-226-01	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2023-34982`	vulnerable	2026-06-03 14:52:17.503392	AVEVA Operations Control Logger External Control of File Name or Path MEDIUM (5.5) This external control vulnerability, if exploited, could allow a local OS-authenticated user with standard privileges to delete files with System privilege on the machine where these products are installed, resulting in denial of service. Published: 2023-11-15T16:28:35.183Z Updated: 2024-08-02T16:17:04.179Z Open on db.gcve.eu Reference links https://www.cisa.gov/news-events/ics-advisories/icsa-23-318-01 https://www.aveva.com/en/support-and-success/cyber-security-updates/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2023-33873`	vulnerable	2026-06-03 14:52:14.833549	AVEVA Operations Control Logger Execution with Unnecessary Privileges HIGH (7.8) This privilege escalation vulnerability, if exploited, cloud allow a local OS-authenticated user with standard privileges to escalate to System privilege on the machine where these products are installed, resulting in complete compromise of the target machine. Published: 2023-11-15T16:22:31.927Z Updated: 2024-11-21T20:10:00.423Z Open on db.gcve.eu Reference links https://www.cisa.gov/news-events/ics-advisories/icsa-23-318-01 https://www.aveva.com/en/support-and-success/cyber-security-updates/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2021-32942`	vulnerable	2026-06-03 14:44:40.522322	Details available MEDIUM (6.6) The vulnerability could expose cleartext credentials from AVEVA InTouch Runtime 2020 R2 and all prior versions (WindowViewer) if an authorized, privileged user creates a diagnostic memory dump of the process and saves it to a non-protected location. Published: 2021-06-09T16:06:26.984Z Updated: 2024-09-17T03:17:35.496Z Open on db.gcve.eu Reference links https://us-cert.cisa.gov/ics/advisories/icsa-21-159-03 https://www.aveva.com/en/support/cyber-security-updates/	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.