Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

osisoft pi connector vulnerabilities and exploits

(subscribe to this query)
4.6
CVSSv2
CVE-2020-10606
In OSIsoft PI System multiple products and versions, a local attacker can exploit incorrect permissions set by affected PI System software. This exploitation can result in unauthorized information disclosure, deletion, or modification if the local computer also processes PI Syste...
Osisoft Pi ApiOsisoft Pi Buffer SubsystemOsisoft Pi ConnectorOsisoft Pi Connector RelayOsisoft Pi Data ArchiveOsisoft Pi Data Collection ManagerOsisoft Pi IntegratorOsisoft Pi Interface Configuration UtilityOsisoft Pi To Ocs
4.6
CVSSv2
CVE-2020-10608
In OSIsoft PI System multiple products and versions, a local attacker can plant a binary and bypass a code integrity check for loading PI System libraries. This exploitation can target another local user of PI System software on the computer to escalate privilege and result in un...
Osisoft Pi ApiOsisoft Pi Buffer SubsystemOsisoft Pi ConnectorOsisoft Pi Connector RelayOsisoft Pi Data ArchiveOsisoft Pi Data Collection ManagerOsisoft Pi IntegratorOsisoft Pi Interface Configuration UtilityOsisoft Pi To Ocs
7.2
CVSSv2
CVE-2020-10610
In OSIsoft PI System multiple products and versions, a local attacker can modify a search path and plant a binary to exploit the affected PI System software to take control of the local computer at Windows system privilege level, resulting in unauthorized information disclosure, ...
Osisoft Pi ApiOsisoft Pi Buffer SubsystemOsisoft Pi ConnectorOsisoft Pi Connector RelayOsisoft Pi Data ArchiveOsisoft Pi Data Collection ManagerOsisoft Pi IntegratorOsisoft Pi Interface Configuration UtilityOsisoft Pi To Ocs
NA
CVE-2022-27893
The Foundry Magritte plugin osisoft-pi-web-connector versions 0.15.0 - 0.43.0 was found to be logging in a manner that captured authentication requests. This vulnerability is resolved in osisoft-pi-web-connector version 0.44.0.
Osisoft-pi-web-connector Project Osisoft-pi-web-connector
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-34377CVE-2024-20859CVE-2023-49606injectarbitrary CVE-2024-33788CVE-2024-30973IDORCVE-2024-33907
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook