AVEVA InduSoft Web Studio v8.1 and v8.1SP1, and InTouch Machine Edition v2017 8.1 and v2017 8.1 SP1 a remote user could send a carefully crafted packet to exploit a stack-based buffer overflow vulnerability during tag, alarm, or event related actions such as read and write, with potential for code to be executed.
[
{
"product": "InduSoft Web Studio",
"vendor": "AVEVA Software, LLC",
"versions": [
{
"status": "affected",
"version": "v8.1 and v8.1SP1"
}
]
},
{
"product": "InTouch Machine Edition",
"vendor": "AVEVA Software, LLC",
"versions": [
{
"status": "affected",
"version": "v2017 8.1 and v2017 8.1 SP1"
}
]
}
]