Security experts discovered several vulnerabilities in WECONs PI Studio HMI software. The company specializes in human-machine interfaces (HMIs), programmable logic controllers (PLCs), and industrial PCs. The software is widely used in critical manufacturing, energy, metallurgy, chemical, and water and wastewater sectors. The vulnerabilities include a critical stack-based buffer overflow vulnerability, tracked as CVE-2018-14818, and a high severity out-of-bounds write bug that could allow code to be executed in the context of an administrator.”]
Source: https://securityaffairs.co/wordpress/76944/hacking/wecon-pi-studio-flaws.html