CVE-2021-42796 Information

Description

An issue was discovered in ExecuteCommand() in AVEVA Edge (formerly InduSoft Web Studio) versions R2020 and prior that allows unauthenticated arbitrary commands to be executed.

Reference

https://www.aveva.com/en/products/edge/ https://www.cisa.gov/news-events/ics-advisories/icsa-22-326-01