Lucene search
K

323 matches found

Prion
Prion
added 2020/07/24 11:15 p.m.23 views

Information disclosure

In OSIsoft PI System multiple products and versions, a local attacker can plant a binary and bypass a code integrity check for loading PI System libraries. This exploitation can target another local user of PI System software on the computer to escalate privilege and result in unauthorized...

4.6CVSS7.5AI score0.00223EPSS
Exploits0References1Affected Software9
Prion
Prion
added 2020/07/24 11:15 p.m.18 views

Information disclosure

In OSIsoft PI System multiple products and versions, a local attacker can modify a search path and plant a binary to exploit the affected PI System software to take control of the local computer at Windows system privilege level, resulting in unauthorized information disclosure, deletion, or...

7.2CVSS7.4AI score0.00378EPSS
Exploits0References1Affected Software9
Cvelist
Cvelist
added 2020/07/24 11:1 p.m.23 views

CVE-2020-10600 OSIsoft PI System

An authenticated remote attacker could crash PI Archive Subsystem when the subsystem is working under memory pressure. This can result in blocking queries to PI Data Archive 2018 SP2 and prior versions...

5.9CVSS6.8AI score0.00842EPSS
Exploits0References1
CVE
CVE
added 2020/07/24 10:58 p.m.63 views

CVE-2020-10602

CVE-2020-10602 affects OSIsoft PI System components where an authenticated remote attacker can crash the PI Network Manager due to a race condition, potentially blocking connections and queries to the PI Data Archive. Connected sources corroborate a family of related race-condition/crash flaws ac...

5.3CVSS5.1AI score0.00881EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2020/07/24 10:58 p.m.25 views

CVE-2020-10602

In OSIsoft PI System multiple products and versions, an authenticated remote attacker could crash PI Network Manager due to a race condition. This can result in blocking connections and queries to PI Data Archive...

5.2AI score0.00881EPSS
Exploits0References1
CVE
CVE
added 2020/07/24 10:55 p.m.72 views

CVE-2020-10606

CVE-2020-10606 affects OSIsoft PI System (multiple products/versions). The issue is incorrect default permissions that allow a local attacker to access and potentially disclose, delete, or modify data if the machine processes PI System data from multiple users (e.g., shared workstations/terminal ...

7.8CVSS7.1AI score0.0027EPSS
Exploits0References1Affected Software9
Cvelist
Cvelist
added 2020/07/24 10:55 p.m.20 views

CVE-2020-10606

In OSIsoft PI System multiple products and versions, a local attacker can exploit incorrect permissions set by affected PI System software. This exploitation can result in unauthorized information disclosure, deletion, or modification if the local computer also processes PI System data from other...

7.2AI score0.0027EPSS
Exploits0References1
CVE
CVE
added 2020/07/24 10:46 p.m.66 views

CVE-2020-10608

CVE-2020-10608 affects the OSIsoft PI System. A local attacker can plant a binary and bypass a code integrity check when loading PI System libraries, allowing privilege escalation and leading to unauthorized disclosure, deletion, or modification of local data. Red Hat and NVD entries corroborate ...

7.8CVSS7.4AI score0.00223EPSS
Exploits0References1Affected Software9
Cvelist
Cvelist
added 2020/07/24 10:46 p.m.36 views

CVE-2020-10608

In OSIsoft PI System multiple products and versions, a local attacker can plant a binary and bypass a code integrity check for loading PI System libraries. This exploitation can target another local user of PI System software on the computer to escalate privilege and result in unauthorized...

7.5AI score0.00223EPSS
Exploits0References1
Cvelist
Cvelist
added 2020/07/24 10:42 p.m.32 views

CVE-2020-10610

In OSIsoft PI System multiple products and versions, a local attacker can modify a search path and plant a binary to exploit the affected PI System software to take control of the local computer at Windows system privilege level, resulting in unauthorized information disclosure, deletion, or...

7.4AI score0.00378EPSS
Exploits0References1
CVE
CVE
added 2020/07/24 10:42 p.m.82 views

CVE-2020-10610

CVE-2020-10610 affects OSIsoft PI System components. A local attacker can modify the search path and plant a binary to execute on the target, gaining Windows SYSTEM privileges and causing unauthorized disclosure, deletion, or modification of data. The vulnerability is classified as Uncontrolled S...

7.8CVSS7.3AI score0.00378EPSS
Exploits0References1Affected Software9
Positive Technologies
Positive Technologies
added 2020/07/24 12:0 a.m.4 views

PT-2020-12233 · Osisoft · Osisoft Pi System

Name of the Vulnerable Software and Affected Versions: OSIsoft PI System affected versions not specified Description: A remote, unauthenticated attacker could crash the PI Network Manager service through specially crafted requests, resulting in blocked connections and queries to the PI Data...

7.5CVSS7.4AI score0.02147EPSS
Exploits0References3
NVD
NVD
added 2020/06/23 10:15 p.m.35 views

CVE-2020-12021

In OSIsoft PI Web API 2019 Patch 1 1.12.0.6346 and all previous versions, the affected product is vulnerable to a cross-site scripting attack, which may allow an attacker to remotely execute arbitrary code...

9CVSS0.0157EPSS
Exploits0References1
OSV
OSV
added 2020/06/23 10:15 p.m.6 views

CVE-2020-12021

In OSIsoft PI Web API 2019 Patch 1 1.12.0.6346 and all previous versions, the affected product is vulnerable to a cross-site scripting attack, which may allow an attacker to remotely execute arbitrary code...

9CVSS7.4AI score0.0157EPSS
Exploits0References1
Prion
Prion
added 2020/06/23 10:15 p.m.21 views

Cross site scripting

In OSIsoft PI Web API 2019 Patch 1 1.12.0.6346 and all previous versions, the affected product is vulnerable to a cross-site scripting attack, which may allow an attacker to remotely execute arbitrary code...

6CVSS8.7AI score0.0157EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2020/06/23 9:36 p.m.33 views

CVE-2020-12021

In OSIsoft PI Web API 2019 Patch 1 1.12.0.6346 and all previous versions, the affected product is vulnerable to a cross-site scripting attack, which may allow an attacker to remotely execute arbitrary code...

8.8AI score0.0157EPSS
Exploits0References1
CVE
CVE
added 2020/06/23 9:36 p.m.54 views

CVE-2020-12021

CVE-2020-12021 affects OSIsoft PI Web API (2019 Patch 1, 1.12.0.6346) and earlier, with a cross-site scripting vulnerability that could enable a remote attacker to execute arbitrary JavaScript in a user’s browser, potentially leading to data view/modification/deletion under the victim’s permissio...

9CVSS8.6AI score0.0157EPSS
Exploits0References1Affected Software1
ICS
ICS
added 2020/06/11 12:0 a.m.53 views

OSIsoft PI Web API 2019

1. EXECUTIVE SUMMARY CVSS v3 7.7 ATTENTION: Exploitable remotely Vendor: OSIsoft Equipment: PI Web API 2019 Vulnerability: Cross-site Scripting 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a remote authenticated attacker with write access to a PI Server to trick a...

9CVSS9.1AI score0.0157EPSS
Exploits0References5
CNVD
CNVD
added 2020/05/13 12:0 a.m.3 views

OSIsoft PI Data Archive Null Pointer Reference Vulnerability

OSIsoft PI Web API is a product from OSIsoft USA for accessing PI system data. A null pointer reference vulnerability exists in OSIsoft PI Data Archive, which can be exploited by an attacker to crash the PI Archive Subsystem...

7.1CVSS6.8AI score0.00842EPSS
Exploits0References1
CNVD
CNVD
added 2020/05/13 12:0 a.m.2 views

Unspecified Vulnerability in OSIsoft PI Data Archive

OSIsoft PI Data Archive is a file archiving and storage component for PI Server from OSIsoft, USA. The component is mainly used for archiving and storing configuration information and time series data. A security vulnerability exists in OSIsoft PI Data Archive version 2018 and 2018 SP2. A remote...

7.5CVSS6.7AI score0.02147EPSS
Exploits0References1
Rows per page
Query Builder