Unrated severityNVD Advisory· Published Jun 12, 2024· Updated Aug 1, 2024
Deserialization of Untrusted Data in AVEVA PI Asset Framework Client
CVE-2024-3467
Description
There is a vulnerability in AVEVA PI Asset Framework Client that could allow malicious code to execute on the PI System Explorer environment under the privileges of an interactive user that was socially engineered to import XML supplied by an attacker.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2(expand)+ 1 more
- (no CPE)
- (no CPE)range: 2023
Patches
Vulnerability mechanics
References
1- www.cisa.gov/news-events/ics-advisories/icsa-24-163-03mitregovernment-resource
News mentions
0No linked articles in our index yet.