CNNVD-202601-2842 Information

CNNVD ID

CNNVD-202601-2842

Related CVE

CVE-2025-65117

• CNNVD Published: 2026-01-16

Description (Chinese)

AVEVA Process Optimization是英国AVEVA公司的一个实时过程优化软件。 AVEVA Process Optimization存在安全漏洞，该漏洞源于经过身份验证的攻击者可能将OLE对象嵌入图形，可能导致权限提升。

Description (English)

AVEVA Production Optimization is a real-time process optimization software for AVEVA. There is a security loophole in AVEVA Production Optimization, which stems from the fact that an identified assailant may embed an OLE object in a graphic, which may lead to an increase in access.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

剑维软件

Published

2026-01-16

Last Modified

2026-02-24

References

https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-015-01.json https://softwaresupportsp.aveva.com/en-US/downloads/products/details/a643eaa3-0d85-4fde-ac11-5239e87a68ea https://www.aveva.com/en/support-and-success/cyber-security-updates/ https://www.cisa.gov/news-events/ics-advisories/icsa-26-015-01

Patch

https://www.aveva.com/en/support-and-success/cyber-security-updates/