CVE-2021-32999

AVEVA SuiteLink Server Improper Handling of Exceptional Conditions

CVSS 7.5 HIGHEPSS 0.9%CWE-755

Vexday Risk Score

21Low

SSVC decision (CISA)

Track

No exploitation signal → monitor

CVSS 7.5EPSS 0.9%KEV nãoPoC —Patch —

Lifecycle

Sep 23, 2021Published on NVD

Recommendation: Monitor — no exploitation signal at the moment.

Improper handling of exceptional conditions in SuiteLink server while processing command 0x01

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected products

AVEVA Software, LLC · AVEVA Batch Management 2020 AVEVA Software, LLC · AVEVA Communication Drivers Pack 2020 AVEVA Software, LLC · AVEVA Historian 2020 AVEVA Software, LLC · AVEVA InTouch 2020 AVEVA Software, LLC · AVEVA MES 2014 AVEVA Software, LLC · AVEVA System Platform 2020

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://www.aveva.com/content/dam/aveva/documents/support/cyber-security-updates/SecurityBulletin_AVEVA-2021-003.pdf