PI System
by Osisoft
CVEs (7)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2016-8365 | Med | 0.36 | 5.5 | 0.00 | Apr 3, 2018 | OSIsoft PI System software (Applications using PI Asset Framework (AF) Client versions prior to PI AF Client 2016, Version 2.8.0; Applications using PI Software Development Kit (SDK) versions prior to PI SDK 2016, Version 1.4.6; PI Buffer Subsystem, versions prior to and… | ||
| CVE-2020-10604 | 0.00 | — | 0.02 | Jul 24, 2020 | In OSIsoft PI System multiple products and versions, a remote, unauthenticated attacker could crash PI Network Manager service through specially crafted requests. This can result in blocking connections and queries to PI Data Archive. | |||
| CVE-2020-10602 | 0.00 | — | 0.01 | Jul 24, 2020 | In OSIsoft PI System multiple products and versions, an authenticated remote attacker could crash PI Network Manager due to a race condition. This can result in blocking connections and queries to PI Data Archive. | |||
| CVE-2020-10606 | 0.00 | — | 0.00 | Jul 24, 2020 | In OSIsoft PI System multiple products and versions, a local attacker can exploit incorrect permissions set by affected PI System software. This exploitation can result in unauthorized information disclosure, deletion, or modification if the local computer also processes PI… | |||
| CVE-2020-10608 | 0.00 | — | 0.00 | Jul 24, 2020 | In OSIsoft PI System multiple products and versions, a local attacker can plant a binary and bypass a code integrity check for loading PI System libraries. This exploitation can target another local user of PI System software on the computer to escalate privilege and result in… | |||
| CVE-2020-10610 | 0.00 | — | 0.00 | Jul 24, 2020 | In OSIsoft PI System multiple products and versions, a local attacker can modify a search path and plant a binary to exploit the affected PI System software to take control of the local computer at Windows system privilege level, resulting in unauthorized information disclosure,… | |||
| CVE-2019-18244 | 0.00 | — | 0.00 | Jan 15, 2020 | In OSIsoft PI System multiple products and versions, a local attacker could view sensitive information in log files when service accounts are customized during installation or upgrade of PI Vision. The update fixes a previously reported issue. |
- risk 0.36cvss 5.5epss 0.00
OSIsoft PI System software (Applications using PI Asset Framework (AF) Client versions prior to PI AF Client 2016, Version 2.8.0; Applications using PI Software Development Kit (SDK) versions prior to PI SDK 2016, Version 1.4.6; PI Buffer Subsystem, versions prior to and…
- CVE-2020-10604Jul 24, 2020risk 0.00cvss —epss 0.02
In OSIsoft PI System multiple products and versions, a remote, unauthenticated attacker could crash PI Network Manager service through specially crafted requests. This can result in blocking connections and queries to PI Data Archive.
- CVE-2020-10602Jul 24, 2020risk 0.00cvss —epss 0.01
In OSIsoft PI System multiple products and versions, an authenticated remote attacker could crash PI Network Manager due to a race condition. This can result in blocking connections and queries to PI Data Archive.
- CVE-2020-10606Jul 24, 2020risk 0.00cvss —epss 0.00
In OSIsoft PI System multiple products and versions, a local attacker can exploit incorrect permissions set by affected PI System software. This exploitation can result in unauthorized information disclosure, deletion, or modification if the local computer also processes PI…
- CVE-2020-10608Jul 24, 2020risk 0.00cvss —epss 0.00
In OSIsoft PI System multiple products and versions, a local attacker can plant a binary and bypass a code integrity check for loading PI System libraries. This exploitation can target another local user of PI System software on the computer to escalate privilege and result in…
- CVE-2020-10610Jul 24, 2020risk 0.00cvss —epss 0.00
In OSIsoft PI System multiple products and versions, a local attacker can modify a search path and plant a binary to exploit the affected PI System software to take control of the local computer at Windows system privilege level, resulting in unauthorized information disclosure,…
- CVE-2019-18244Jan 15, 2020risk 0.00cvss —epss 0.00
In OSIsoft PI System multiple products and versions, a local attacker could view sensitive information in log files when service accounts are customized during installation or upgrade of PI Vision. The update fixes a previously reported issue.