Vulnerabilities in AUVESY Versiondog Data Management Software May Affect Industrial Environments

  • Issue

    26 October 2021

  • Editor

    Dan McCarthy

  • Editor in Chief

    Amery Smock

  • Date

    10/18/2021

  • Analysis

    CISA ICS Advisory warns of vulnerabilities in AUVESY versiondog data management software that could allow attackers to execute remote code and acquire complete remote control over industrial machines [1].
    AUVESY versiondog is an automated change management application providing backup and compare functions to monitor, track, and store changes. Versiondog supports devices from all major industrial control system manufacturers and is used by more than 1,200 customers worldwide [2].

    Claroty Team82 disclosed the critical vulnerabilities to AUVESY last year. The security flaws may allow an attacker to execute arbitrary code. AUVESY reports that 8.1 fixes these vulnerabilities [3]. Affected organizations may contact AUVESY to obtain the appropriate update.

  • Sources

    [1] CISA ICS Advisory https://us-cert.cisa.gov/ics/advisories/icsa-21-292-01
    [2] AUVESY Versiondog Overview https://auvesy.com/en/
    [3] Claroty Overview of Versiondog Vulnerabilities https://www.claroty.com/2021/10/19/claroty-auvesy-coordinate-disclosure-on-versiondog-vulnerabilities/

  • Analyst

    Joseph Agres

Previous Page | Back to Home

Subscribe

Note: The email address you provide will be stored and used for the sole purpose of sending the Industrial Cybersecurity Current Intelligence Digest. It will not otherwise be shared, sold, or intentionally disclosed. You may unsubscribe at any time by following the unsubscribe link included in each email.