3 matches found
CVE-2024-3468
CVE-2024-3468 affects AVEVA PI Web API (versions 2023 and earlier). The vulnerability is Deserialization of Untrusted Data that could allow malicious code to execute in the PI Web API environment when an interactive user is socially engineered to use API XML import payloads. CVSS details indicate...
CVE-2024-3468 Deserialization of Untrusted Data in AVEVA PI Web API
There is a vulnerability in AVEVA PI Web API that could allow malicious code to execute on the PI Web API environment under the privileges of an interactive user that was socially engineered to use API XML import functionality with content supplied by an attacker...
AVEVA PI Web API
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.4 ATTENTION : Exploitable remotely/low attack complexity Vendor : AVEVA Equipment : PI Web API Vulnerability : Deserialization of Untrusted Data 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to perform remote code...