Read the official statement by AVEVA here (registration required)
QUESTION
Which products are affected by critical vulnerability CVE-2022-22965?
ANSWER
AVEVA product offers are unaffected by the Spring4Shell vulnerability.
AVEVA continues investigating potentially-affected subcomponents in the supply chain for AVEVA product offers, partner integrations, and related websites.
AVEVA recommends customers deploy defensive measures to apply updates per vendor recommendations, in accordance with CISA recommendations.
ADDITIONAL INFORMATION
This article pertains to all AVEVA products and will be updated as necessary.
Reference: Investigation CR-129697.
For any questions or additional information, please get in touch with our Support Center HERE