Vulnerabilities (CVE)

Filtered by vendor We-con Subscribe

Filtered by product Pi Studio Hmi

CVSS v3 Filter

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2018-17889	1 We-con	2 Pi Studio, Pi Studio Hmi	2019-10-09	4.3 MEDIUM	5.3 MEDIUM
In WECON Technology Co., Ltd. PI Studio HMI versions 4.1.9 and prior and PI Studio versions 4.2.34 and prior when parsing project files, the XMLParser that ships with Wecon PIStudio is vulnerable to a XML external entity injection attack, which may allow sensitive information disclosure.
CVE-2018-14814	1 We-con	2 Pi Studio, Pi Studio Hmi	2019-10-09	4.3 MEDIUM	6.5 MEDIUM
WECON Technology PI Studio HMI versions 4.1.9 and prior and PI Studio versions 4.2.34 and prior lacks proper validation of user-supplied data, which may result in a read past the end of an allocated object.