What is CVE-2024-7113?

CVE-2024-7113 is a vulnerability in Aveva Application Server, classified under Allocation of Resources Without Limits or Throttling. Published 2024-08-13.

Is CVE-2024-7113 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Resource exhaustion in Aveva Application Server

CVE-2024-7113

If exploited, this vulnerability could cause a SuiteLink server to consume excessive system resources and slow down processing of Data I/O for the duration of the attack.

EPSS: 0.001 (33.8th percentile) — read the EPSS interpretation.

Affected products

Aveva Application Server — versions 0
Aveva Batch Management — versions 0
Aveva Communication Drivers Pack — versions 0
Aveva Historian — versions 0
Aveva Intouch — versions 0
Aveva Suitelink Server — versions 0

Weakness classification (CWE)

CWE-770 — Allocation of Resources Without Limits or Throttling

Public proof-of-concept exploits

fkie-cad/nvd-json-data-feeds

References

www.cisa.gov/news-events/ics-advisories/icsa-24-226-01 (government-resource)

Frequently asked questions

What is CVE-2024-7113?: CVE-2024-7113 is a vulnerability in Aveva Application Server, classified under Allocation of Resources Without Limits or Throttling. Published 2024-08-13.
Is CVE-2024-7113 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.