CNNVD-202511-1808 Information
CNNVD ID
CNNVD-202511-1808
Related CVE
- CNNVD Published: 2025-11-15
Description (Chinese)
AVEVA Edge是英国剑维软件(AVEVA)公司的一款高度可扩展、灵活的 HMI/SCADA 软件。 AVEVA Edge存在加密问题漏洞,该漏洞源于攻击者可通过计算暴力破解弱哈希值,逆向工程获取Edge用户的应用程序原生密码或Active Directory密码。
Description (English)
AVEVA Edge is a highly scalable and flexible HMI/SCADA software from AVEVA. AVEVA Edge has a encryption loophole, which stems from the fact that the attackers can break the weak Hash value by calculating violence and obtain the original password of the application or the Active Directory password of the Edge user in reverse engineering.
Hazard Level
Medium
Vulnerability Type
加密问题
Affected Vendor
剑维软件
Published
2025-11-15
Last Modified
2026-02-24
References
https://www.aveva.com/content/dam/aveva/documents/support/cyber-security-updates/SecurityBulletin_AVEVA-2025-006.pdf https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2025/icsa-25-317-03.json https://www.cisa.gov/news-events/ics-advisories/icsa-25-317-03 https://access.redhat.com/security/cve/cve-2025-9317