Vulnerabilities > Aveva > Intouch 2014 > Critical

DATE CVE VULNERABILITY TITLE RISK
2018-07-24 CVE-2018-10628 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Aveva Intouch 2014 and Intouch 2017
AVEVA InTouch 2014 R2 SP1 and prior, InTouch 2017, InTouch 2017 Update 1, and InTouch 2017 Update 2 allow an unauthenticated user to send a specially crafted packet that could overflow the buffer on a locale not using a dot floating point separator.
network
low complexity
aveva CWE-119
critical
9.8