CVE-2021-32959

HIGH8.1JSON export Create alert

Description

Heap-based buffer overflow in SuiteLink server while processing commands 0x05/0x06

CVSS breakdown

CVSS 3.1

Attack Vector

Network

Attack Complexity

High

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Affected products

AVEVA Software, LLC / AVEVA Batch Management 2020unspecified – 2020
AVEVA Software, LLC / AVEVA Communication Drivers Pack 2020unspecified – R2
AVEVA Software, LLC / AVEVA Historian 2020unspecified – R2 P01
AVEVA Software, LLC / AVEVA InTouch 2020unspecified – R2 P01
AVEVA Software, LLC / AVEVA MES 2014unspecified – R2
AVEVA Software, LLC / AVEVA System Platform 2020unspecified – R2 P01

References

MISChttps://www.aveva.com/content/dam/aveva/documents/support/cyber-security-updates/SecurityBulletin_AVEVA-2021-003.pdf