CVE-2020-10608

In OSIsoft PI System multiple products and versions, a local attacker can plant a binary and bypass a code integrity check for loading PI System libraries. This exploitation can target another local user of PI System software on the computer to escalate privilege and result in unauthorized...

CVE-2020-10602

In OSIsoft PI System multiple products and versions, an authenticated remote attacker could crash PI Network Manager due to a race condition. This can result in blocking connections and queries to PI Data Archive...

CVE-2020-10606

In OSIsoft PI System multiple products and versions, a local attacker can exploit incorrect permissions set by affected PI System software. This exploitation can result in unauthorized information disclosure, deletion, or modification if the local computer also processes PI System data from other...

CVE-2020-10610

In OSIsoft PI System multiple products and versions, a local attacker can modify a search path and plant a binary to exploit the affected PI System software to take control of the local computer at Windows system privilege level, resulting in unauthorized information disclosure, deletion, or...

EUVD-2020-3058

Malware in sbrugna...

EUVD-2020-3062

Malware in sbrugna...

EUVD-2016-9213

Malware in sbrugna...

EUVD-2016-9201

Malware in sbrugna...

EUVD-2020-3056

Malware in sbrugna...

EUVD-2020-3054

Malware in sbrugna...

EUVD-2019-8042

Malware in sbrugna...

EUVD-2020-3050

Malware in sbrugna...

CVE-2020-10604

In OSIsoft PI System multiple products and versions, a remote, unauthenticated attacker could crash PI Network Manager service through specially crafted requests. This can result in blocking connections and queries to PI Data Archive...

CVE-2020-10614

In OSIsoft PI System multiple products and versions, an authenticated remote attacker with write access to PI Vision databases could inject code into a display. Unauthorized information disclosure, deletion, or modification is possible if a victim views the infected display...

CVE-2019-18244

In OSIsoft PI System multiple products and versions, a local attacker could view sensitive information in log files when service accounts are customized during installation or upgrade of PI Vision. The update fixes a previously reported issue...

CVE-2024-3467

There is a vulnerability in AVEVA PI Asset Framework Client that could allow malicious code to execute on the PI System Explorer environment under the privileges of an interactive user that was socially engineered to import XML supplied by an attacker...

CVE-2024-3467

There is a vulnerability in AVEVA PI Asset Framework Client that could allow malicious code to execute on the PI System Explorer environment under the privileges of an interactive user that was socially engineered to import XML supplied by an attacker...

CVE-2024-3467

Vulnerability summary (CVE-2024-3467) : AVEVA PI Asset Framework Client is affected. The issue is described as Deserialization of Untrusted Data (CWE-502) in the PI System Explorer workflow, which could allow malicious code to execute under the privileges of an interactive user when XML data is s...

CVE-2024-3467 Deserialization of Untrusted Data in AVEVA PI Asset Framework Client

There is a vulnerability in AVEVA PI Asset Framework Client that could allow malicious code to execute on the PI System Explorer environment under the privileges of an interactive user that was socially engineered to import XML supplied by an attacker...

CVE-2020-25163

CVE-2020-25163 affects OSIsoft PI Vision (PI Vision 2020) prior to version 3.5.0. A remote attacker with write access to PI ProcessBook files can inject code that gets imported into PI Vision, enabling cross-site scripting and potentially unauthorized disclosure, modification, or deletion of PI S...