What is CVE-2022-0835?

CVE-2022-0835 is a vulnerability in AVEVA System Platform 2020 that allows access to sensitive information stored in cleartext.

How severe is CVE-2022-0835?

CVE-2022-0835 has a severity rating of 5.5, which is considered high.

How does CVE-2022-0835 impact AVEVA System Platform 2020?

CVE-2022-0835 allows an attacker or a low-privileged user to access sensitive information stored in cleartext in AVEVA System Platform 2020.

How can I fix CVE-2022-0835?

To fix CVE-2022-0835, it is recommended to apply the necessary patches or updates provided by AVEVA.

Are there any references for CVE-2022-0835?

Yes, you can find references for CVE-2022-0835 at the following links: [link1](https://www.aveva.com/content/dam/aveva/documents/support/cyber-security-updates/SecurityBulletin_AVEVA-2021-007.pdf), [link2](https://www.cisa.gov/uscert/ics/advisories/icsa-22-067-02).

Vulnerability/
CVE-2022-0835

high

8.1

CWE

312 316

11/4/2022

2/8/2024

CVE-2022-0835: AVEVA System Platform Cleartext Storage of Sensitive Information in Memory

First published: Mon Apr 11 2022(Updated: )

AVEVA System Platform 2020 stores sensitive information in cleartext, which may allow access to an attacker or a low-privileged user.

Credit: ics-cert@hq.dhs.gov

Affected Software	Affected Version	How to fix
AVEVA System Platform	=2020
AVEVA System Platform	=2020-r2_patch01
AVEVA System Platform	=2020-r2s
AVEVA System Platform 2020 R2 P01
AVEVA System Platform 2020 R2S
AVEVA System Platform 2020

Remedy

AVEVA recommends users of affected versions upgrade to one of the versions listed below and apply the corresponding security update: • AVEVA System Platform 2020 R2 P01 and AVEVA System Platform 2020 R2: update to AVEVA System Platform 2020 R2 SP1 • AVEVA System Platform 2020: update to AVEVA System Platform 2020 P01 For more information on this issue, including security updates, please see Security Bulletin AVEVA-2021-007

Never miss a vulnerability like this again

Reference Links

Parent vulnerabilities

(Appears in the following advisories)

ICSA-22-067-02

Frequently Asked Questions

What is CVE-2022-0835?
CVE-2022-0835 is a vulnerability in AVEVA System Platform 2020 that allows access to sensitive information stored in cleartext.
How severe is CVE-2022-0835?
CVE-2022-0835 has a severity rating of 5.5, which is considered high.
How does CVE-2022-0835 impact AVEVA System Platform 2020?
CVE-2022-0835 allows an attacker or a low-privileged user to access sensitive information stored in cleartext in AVEVA System Platform 2020.
How can I fix CVE-2022-0835?
To fix CVE-2022-0835, it is recommended to apply the necessary patches or updates provided by AVEVA.
Are there any references for CVE-2022-0835?
Yes, you can find references for CVE-2022-0835 at the following links: [link1](https://www.aveva.com/content/dam/aveva/documents/support/cyber-security-updates/SecurityBulletin_AVEVA-2021-007.pdf), [link2](https://www.cisa.gov/uscert/ics/advisories/icsa-22-067-02).

collector/nvd-index
agent/weakness
agent/type
collector/mitre-cve
source/MITRE
agent/author
agent/title
agent/last-modified-date
agent/remedy
agent/description
agent/first-publish-date
agent/references
agent/severity
agent/event
collector/ics-cert-advisory
source/ICS
agent/software-canonical-lookup
agent/software-canonical-lookup-request
agent/softwarecombine
agent/tags
agent/trending
vendor/aveva
canonical/aveva system platform
version/aveva system platform/2020
version/aveva system platform/2020-r2_patch01
version/aveva system platform/2020-r2s
canonical/aveva system platform 2020 r2 p01
canonical/aveva system platform 2020 r2s
canonical/aveva system platform 2020