Unrated severityNVD Advisory· Published Jan 16, 2026· Updated Jan 16, 2026
AVEVA Process Optimization Missing Authorization
CVE-2025-64729
Description
The vulnerability, if exploited, could allow an authenticated miscreant (OS Standard User) to tamper with Process Optimization project files, embed code, and escalate their privileges to the identity of a victim user who subsequently interacts with the project files.
Affected products
1- AVEVA/Process Optimizationv5Range: 0
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
4- github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-015-01.jsonmitre
- softwaresupportsp.aveva.com/en-US/downloads/products/details/a643eaa3-0d85-4fde-ac11-5239e87a68eamitre
- www.aveva.com/en/support-and-success/cyber-security-updates/mitre
- www.cisa.gov/news-events/ics-advisories/icsa-26-015-01mitre
News mentions
0No linked articles in our index yet.