Описание
The vulnerability, if exploited, could allow an unauthenticated miscreant to achieve remote code execution under OS system privileges of “taoimr” service, potentially resulting in complete compromise of the model application server.
The vulnerability, if exploited, could allow an unauthenticated miscreant to achieve remote code execution under OS system privileges of “taoimr” service, potentially resulting in complete compromise of the model application server.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2025-61937
- https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-015-01.json
- https://softwaresupportsp.aveva.com/en-US/downloads/products/details/a643eaa3-0d85-4fde-ac11-5239e87a68ea
- https://www.aveva.com/en/support-and-success/cyber-security-updates
- https://www.cisa.gov/news-events/ics-advisories/icsa-26-015-01
Связанные уязвимости
The vulnerability, if exploited, could allow an unauthenticated miscreant to achieve remote code execution under OS system privileges of “taoimr” service, potentially resulting in complete compromise of the model application server.
Уязвимость службы TAO ImR программного обеспечения для онлайн-моделирования и оптимизации процессов AVEVA Process Optimization, позволяющая нарушителю выполнить произвольный код и получить полный контроль над системой