Details of VAR-202102-1591

ID

VAR-202102-1591

TITLE

InoTouch Editor V2.6.8 has a binary vulnerability

Trust: 0.6

sources: CNVD: CNVD-2021-00085

DESCRIPTION

Shenzhen Inovance Technology Co., Ltd. focuses on the R&D, production and sales of industrial automation control products. It is positioned to serve mid- and high-end equipment manufacturers. Based on industrial automation control technology with independent intellectual property rights, it can quickly provide customers with personalized The solution is the main business model to realize the common growth of corporate value and customer value. InoTouch Editor V2.6.8 has a binary vulnerability, which can be exploited by attackers to construct malformed formula files and cause the program to crash.

Trust: 0.6

sources: CNVD: CNVD-2021-00085

IOT TAXONOMY

category:

['ICS']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2021-00085

AFFECTED PRODUCTS

vendor:

inovance

model:

inotouch editor

scope:

version:

v2.6.8

Trust: 0.6

sources: CNVD: CNVD-2021-00085

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD:	CNVD-2021-00085
value:	MEDIUM
Trust: 0.6

CNVD:	CNVD-2021-00085
severity:	MEDIUM
baseScore:	4.9
vectorString:	AV:L/AC:L/AU:N/C:N/I:N/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.9
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

sources: CNVD: CNVD-2021-00085

EXTERNAL IDS

db:

CNVD

id:

CNVD-2021-00085

Trust: 0.6

sources: CNVD: CNVD-2021-00085

SOURCES

db:

CNVD

id:

CNVD-2021-00085

LAST UPDATE DATE

2022-05-04T08:52:13.093000+00:00

SOURCES UPDATE DATE

db:

CNVD

id:

CNVD-2021-00085

date:

2021-01-03T00:00:00

SOURCES RELEASE DATE

db:

CNVD

id:

CNVD-2021-00085

date:

2021-02-06T00:00:00