5 matches found
CVE-2024-3467
There is a vulnerability in AVEVA PI Asset Framework Client that could allow malicious code to execute on the PI System Explorer environment under the privileges of an interactive user that was socially engineered to import XML supplied by an attacker...
CVE-2024-3467
Vulnerability summary (CVE-2024-3467) : AVEVA PI Asset Framework Client is affected. The issue is described as Deserialization of Untrusted Data (CWE-502) in the PI System Explorer workflow, which could allow malicious code to execute under the privileges of an interactive user when XML data is s...
CVE-2024-3467 Deserialization of Untrusted Data in AVEVA PI Asset Framework Client
There is a vulnerability in AVEVA PI Asset Framework Client that could allow malicious code to execute on the PI System Explorer environment under the privileges of an interactive user that was socially engineered to import XML supplied by an attacker...
CVE-2024-3467 Deserialization of Untrusted Data in AVEVA PI Asset Framework Client
There is a vulnerability in AVEVA PI Asset Framework Client that could allow malicious code to execute on the PI System Explorer environment under the privileges of an interactive user that was socially engineered to import XML supplied by an attacker...
AVEVA PI Asset Framework Client
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 7.0 ATTENTION : Low attack complexity Vendor : AVEVA Equipment : PI Asset Framework Client Vulnerability : Deserialization of Untrusted Data 2. RISK EVALUATION Successful exploitation of this vulnerability could allow malicious code execution. 3. TECHNICAL...