Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
osisoft pi data archive vulnerabilities and exploits
(subscribe to this query)
632
VMScore
CVE-2018-7531
An Improper Input Validation issue exists in OSIsoft PI Data Archive versions 2017 and prior. Unauthenticated users may use unvalidated custom requests to crash the server.
Osisoft Pi Data Archive
Osisoft Pi Data Archive 2017
641
VMScore
CVE-2018-7533
An Incorrect Default Permissions issue exists in OSIsoft PI Data Archive versions 2017 and prior. Insecure default configuration may allow escalation of privileges that gives the actor full control over the system.
Osisoft Pi Data Archive 2017
Osisoft Pi Data Archive
187
VMScore
CVE-2016-8365
OSIsoft PI System software (Applications using PI Asset Framework (AF) Client versions prior to PI AF Client 2016, Version 2.8.0; Applications using PI Software Development Kit (SDK) versions prior to PI SDK 2016, Version 1.4.6; PI Buffer Subsystem, versions prior to and includin...
Osisoft Pi Af Client
Osisoft Pi Sdk
Osisoft Pi Buffer Subsystem
Osisoft Pi Data Archive
694
VMScore
CVE-2018-7529
A Deserialization of Untrusted Data issue exists in OSIsoft PI Data Archive versions 2017 and prior. Unauthenticated users may modify deserialized data to send custom requests that crash the server.
Osisoft Pi Data Archive
436
VMScore
CVE-2020-10600
An authenticated remote attacker could crash PI Archive Subsystem when the subsystem is working under memory pressure. This can result in blocking queries to PI Data Archive (2018 SP2 and prior versions).
Osisoft Pi Data Archive
516
VMScore
CVE-2017-7930
An Improper Authentication issue exists in OSIsoft PI Server 2017 PI Data Archive versions before 2017. PI Data Archive has protocol flaws with the potential to expose change records in the clear and allow a malicious party to spoof a server within a collective.
Osisoft Pi Data Archive
383
VMScore
CVE-2017-7934
An Improper Authentication issue exists in OSIsoft PI Server 2017 PI Data Archive versions before 2017. PI Network Manager using older protocol versions contains a flaw that could allow a malicious user to authenticate with a server and then cause PI Network Manager to behave in ...
Osisoft Pi Data Archive
641
VMScore
CVE-2020-10610
In OSIsoft PI System multiple products and versions, a local attacker can modify a search path and plant a binary to exploit the affected PI System software to take control of the local computer at Windows system privilege level, resulting in unauthorized information disclosure, ...
Osisoft Pi Api
Osisoft Pi Buffer Subsystem
Osisoft Pi Connector
Osisoft Pi Connector Relay
Osisoft Pi Data Archive
Osisoft Pi Data Collection Manager
Osisoft Pi Integrator
Osisoft Pi Interface Configuration Utility
Osisoft Pi To Ocs
409
VMScore
CVE-2020-10606
In OSIsoft PI System multiple products and versions, a local attacker can exploit incorrect permissions set by affected PI System software. This exploitation can result in unauthorized information disclosure, deletion, or modification if the local computer also processes PI Syste...
Osisoft Pi Api
Osisoft Pi Buffer Subsystem
Osisoft Pi Connector
Osisoft Pi Connector Relay
Osisoft Pi Data Archive
Osisoft Pi Data Collection Manager
Osisoft Pi Integrator
Osisoft Pi Interface Configuration Utility
Osisoft Pi To Ocs
409
VMScore
CVE-2020-10608
In OSIsoft PI System multiple products and versions, a local attacker can plant a binary and bypass a code integrity check for loading PI System libraries. This exploitation can target another local user of PI System software on the computer to escalate privilege and result in un...
Osisoft Pi Api
Osisoft Pi Buffer Subsystem
Osisoft Pi Connector
Osisoft Pi Connector Relay
Osisoft Pi Data Archive
Osisoft Pi Data Collection Manager
Osisoft Pi Integrator
Osisoft Pi Interface Configuration Utility
Osisoft Pi To Ocs
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »