CVE-2019-10981

Description

In Vijeo Citect 7.30 and 7.40, and CitectSCADA 7.30 and 7.40, a vulnerability has been identified that may allow an authenticated local user access to Citect user credentials.

Affected products

• AVEVA / AVEVA Vijeo Citect and CitectSCADAVijeo Citect 7.30 and 7.40 CitectSCADA 7.30 and 7.40 – Vijeo Citect 7.30 and 7.40 CitectSCADA 7.30 and 7.40

References

• VENDOR_ADVISORYhttps://ics-cert.us-cert.gov/advisories/ICSA-19-150-01
• MISChttps://sw.aveva.com/hubfs/assets-2018/pdf/security-bulletin/SecurityAdvisory_LFSec136.pdf
• MISChttp://www.securityfocus.com/bid/108543
• MISChttps://security.cse.iitk.ac.in/responsible-disclosure