CVE-2023-6132

The vulnerability, if exploited, could allow a malicious entity with access to the file system to achieve arbitrary code execution and privilege escalation by tricking AVEVA Edge to load an unsafe DLL.

Published: Feb 29, 2024
Updated: May 4, 2025
CVE: CVE-2023-6132
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.8
AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWEs:

CWE-427

Affected Software
References

Software	From	Fixed in
aveva / platform_common_services	4.4.6	4.4.6.x
aveva / platform_common_services	4.5.0	4.5.0.x
aveva / platform_common_services	4.5.1	4.5.1.x
aveva / platform_common_services	4.5.2	4.5.2.x

https://www.aveva.com/en/support-and-success/cyber-security-updates/
https://www.cisa.gov/news-events/ics-advisories/icsa-24-032-03

Vulnerability Database

289,697

CVE-2023-6132