Primary

Context

PcVue Networking Improper Input Validation Vulnerability Allowing Unauthorized Command Execution

Vulnerability

Patched

A vulnerability exists in the TCP-based client/server networking feature of PcVue. It arises from inadequate validation of certain payload elements in messages exchanged between stations, which can enable an attacker to execute unauthorized commands within the application. This issue affects all versions of PcVue.

Impact

Exploitation of this vulnerability allows for unauthorized command execution in the affected application.

Remediation

This vulnerability has been fixed in PcVue versions 12.0.31, 15.2.12, and 16.3.1.

Added: Sep 5, 2025, 5:17 PM

Updated: Sep 5, 2025, 5:49 PM

Vulnerability Rating

Custom Algorithm

spread

0.3

impact

0.6

exploitability

7.0

remediation

7.7

relevance

0.4

threat

0.0

urgency

1.4

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.3

impact

0.6

exploitability

7.0

remediation

7.7

relevance

0.4

threat

0.0

urgency

1.4

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

PcVue Networking Improper Input Validation Vulnerability Allowing Unauthorized Command Execution

Vulnerability

Impact

Remediation

Affected Products

PcVue

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating