CNNVD-202601-2839 Information
CNNVD ID
CNNVD-202601-2839
Related CVE
- CNNVD Published: 2026-01-16
Description (Chinese)
AVEVA Process Optimization是英国AVEVA公司的一个实时过程优化软件。 AVEVA Process Optimization存在代码问题漏洞,该漏洞源于经过身份验证的攻击者可能诱使Process Optimization服务加载任意代码,可能导致权限提升和模型应用服务器被完全破解。
Description (English)
AVEVA Production Optimization is a real-time process optimization software for AVEVA. There is a code gap in AVEVA Access Optimization, which stems from the fact that an identified assailant may induce the Proces Optimization service to load any code, which may lead to the full breakdown of the rights enhancement and model application server.
Hazard Level
Medium
Vulnerability Type
代码问题
Affected Vendor
剑维软件
Published
2026-01-16
Last Modified
2026-02-24
References
https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-015-01.json https://softwaresupportsp.aveva.com/en-US/downloads/products/details/a643eaa3-0d85-4fde-ac11-5239e87a68ea https://www.aveva.com/en/support-and-success/cyber-security-updates/ https://www.cisa.gov/news-events/ics-advisories/icsa-26-015-01
Patch
https://www.aveva.com/en/support-and-success/cyber-security-updates/
Share on: