Vulnerability Details CVE-2019-10981
In Vijeo Citect 7.30 and 7.40, and CitectSCADA 7.30 and 7.40, a vulnerability has been identified that may allow an authenticated local user access to Citect user credentials.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 37.4%
CVSS Severity
CVSS v3 Score 7.8
CVSS v2 Score 2.1
References
- http://www.securityfocus.com/bid/108543
- https://ics-cert.us-cert.gov/advisories/ICSA-19-150-01
- https://security.cse.iitk.ac.in/responsible-disclosure
- https://sw.aveva.com/hubfs/assets-2018/pdf/security-bulletin/SecurityAdvisory_LFSec136.pdf
- http://www.securityfocus.com/bid/108543
- https://ics-cert.us-cert.gov/advisories/ICSA-19-150-01
- https://security.cse.iitk.ac.in/responsible-disclosure
- https://sw.aveva.com/hubfs/assets-2018/pdf/security-bulletin/SecurityAdvisory_LFSec136.pdf
Products affected by CVE-2019-10981
-
cpe:2.3:a:schneider-electric:citectscada:7.30
-
cpe:2.3:a:schneider-electric:citectscada:7.40
-
cpe:2.3:a:schneider-electric:scada_expert_vijeo_citect:7.30
-
cpe:2.3:a:schneider-electric:scada_expert_vijeo_citect:7.40