A remote attacker could send a carefully crafted packet in InduSoft Web Studio v8.1 and prior versions, and/or InTouch Machine Edition 2017 v8.1 and prior versions during a tag, alarm, or event related action such as read and write, which may allow remote code execution.
Add your gear to cvedb and we'll alert you only when indusoft ships something exploited.
Check my exposure →This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.