CVE-2019-10981

EPSS 0.4%CWE-522

In Vijeo Citect 7.30 and 7.40, and CitectSCADA 7.30 and 7.40, a vulnerability has been identified that may allow an authenticated local user access to Citect user credentials.

Affected products

AVEVA · AVEVA Vijeo Citect and CitectSCADA

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://ics-cert.us-cert.gov/advisories/ICSA-19-150-01 https://security.cse.iitk.ac.in/responsible-disclosure https://sw.aveva.com/hubfs/assets-2018/pdf/security-bulletin/SecurityAdvisory_LFSec136.pdf http://www.securityfocus.com/bid/108543