[Control systems] AVEVA security advisory (AV23-697)

Serial number: AV23-697
Date: November 14, 2023

On November 14, 2023, CISA published an ICS advisory to address vulnerabilities in the following products:

  • AVEVA SystemPlatform - version 2020 R2 SP1 P01 and prior
  • AVEVA Historian - version 2020 R2 SP1 P01 and prior
  • AVEVA Application Server - version 2020 R2 SP1 P01 and prior
  • AVEVA InTouch - version 2020 R2 SP1 P01 and prior
  • AVEVA Enterprise Licensing - version 3.7.002 and prior
  • AVEVA Manufacturing Execution System - version 2020 P01 and prior
  • AVEVA Recipe Management - version 2020 R2 Update 1 Patch 2 and prior
  • AVEVA Batch Management - version 2020 SP1 and prior
  • AVEVA Edge - version 2020 R2 SP1 P01 and prior
  • AVEVA Worktasks  - version 2020 U2 and prior
  • AVEVA Plant SCADA - version 2020 R2 Update 15 and prior
  • AVEVA Mobile Operator - version 2020 R1 and prior
  • AVEVA Communication Drivers Pack - version 2020 R2 SP1 and prior
  • AVEVA Telemetry Server - version 2020 R2 SP1 and prior

The Cyber Centre encourages users and administrators to review the provided web link, perform the suggested mitigations and apply the necessary updates.

Date modified: