CVE-2021-33010
AVEVA System Platform Uncaught Exception
Severity Score
7.5
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
An exception is thrown from a function in AVEVA System Platform versions 2017 through 2020 R2 P01, but it is not caught, which may cause a denial-of-service condition.
Se lanza una excepción desde una función en AVEVA System Platform versiones 2017 hasta 2020 R2 P01, pero no es atrapada, lo que puede causar una condición de denegación de servicio
*Credits:
Sharon Brizinov of Claroty reported these vulnerabilities to AVEVA.
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2021-05-13 CVE Reserved
- 2022-04-04 CVE Published
- 2024-08-03 CVE Updated
- 2024-11-08 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-248: Uncaught Exception
CAPEC
References (2)
| URL | Tag | Source |
|---|---|---|
| https://www.cisa.gov/uscert/ics/advisories/icsa-21-180-05 | Third Party Advisory |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Aveva Search vendor "Aveva" | System Platform Search vendor "Aveva" for product "System Platform" | >= 2017 < 2020 Search vendor "Aveva" for product "System Platform" and version " >= 2017 < 2020" | - |
Affected
| ||||||
| Aveva Search vendor "Aveva" | System Platform Search vendor "Aveva" for product "System Platform" | 2020 Search vendor "Aveva" for product "System Platform" and version "2020" | - |
Affected
| ||||||
| Aveva Search vendor "Aveva" | System Platform Search vendor "Aveva" for product "System Platform" | 2020 Search vendor "Aveva" for product "System Platform" and version "2020" | r2 |
Affected
| ||||||
| Aveva Search vendor "Aveva" | System Platform Search vendor "Aveva" for product "System Platform" | 2020 Search vendor "Aveva" for product "System Platform" and version "2020" | r2_p01 |
Affected
| ||||||