Vulnerabilities > CVE-2018-14810 - Out-of-bounds Write vulnerability in We-Con PI Studio and PI Studio HMI

047910
CVSS 9.3 - CRITICAL
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
COMPLETE
Integrity impact
COMPLETE
Availability impact
COMPLETE
network
we-con
CWE-787
critical

Summary

WECON Technology Co., Ltd. PI Studio HMI versions 4.1.9 and prior and PI Studio versions 4.2.34 and prior parse files and pass invalidated user data to an unsafe method call, which may allow code to be executed in the context of an administrator.

Vulnerable Configurations

Part Description Count
Application
We-Con
4

Common Weakness Enumeration (CWE)