Your one-stop web resource providing safety and security information to manufacturers

VideoInsight created a new version that fixes a SQL injection vulnerability in its web client, according to a report with ICS-CERT.

Web Client Version and previous versions suffer from the remotely exploitable vulnerability. Researcher, Juan Pablo Lopez Yacubian, reported this vulnerability and has tested the patch.

Carlo Gavazzi Patches Vulnerabilities
OSIsoft Working to Fix Pi Hole
Medical Device Vulnerability Mitigated
Rockwell Fixes PAC Buffer Overflow

A successful exploit of this vulnerability could allow an attacker to execute arbitrary commands on the target system.

An attacker could have a low skill level to exploit this vulnerability.

Schneider Bold

The SQL Injection vulnerability could allow remote code execution.

CVE-2017-5151 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 7.3.

Click here to download the latest Version

Pin It on Pinterest

Share This