VDB
CVE-2020-10608
CVE-2020-10608
PUBLISHED
CVSS 7.800000190734863 HIGH
In OSIsoft PI System multiple products and versions, a local attacker can plant a binary and bypass a code integrity check for loading PI System libraries. This exploitation can target another local user of PI System software on the computer to escalate privilege and result in unauthorized information disclosure, deletion, or modification.
EPSS 0.03% · 9.3th percentile
Risk Scores
CVSS 3.1
7.800000190734863
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score
0.03%
9.3th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| osisoft | pi_connector | 0, 0, 0 |
| osisoft | pi_integrator | 0 |
| osisoft | pi_data_archive | 0 |
| osisoft | pi_to_ocs | 0 |
| osisoft | pi_connector_relay | 0 |
| osisoft | pi_data_collection_manager | 0 |
| n/a | OSIsoft PI System multiple products and versions | OSIsoft PI System multiple products and versions |
| osisoft | pi_buffer_subsystem | 0 |
| osisoft | pi_interface_configuration_utility | 0 |
| osisoft | pi_api | 0, 0 |
Timeline
- May 12, 2020 CVE Published
- Apr 14, 2021 EPSS Score
- Jun 23, 2021 EPSS Score
- Aug 24, 2021 EPSS Score
- Oct 26, 2021 EPSS Score
- Jan 6, 2022 EPSS Score
- Feb 4, 2022 EPSS Score
- Feb 28, 2022 EPSS Score
- Apr 1, 2022 EPSS Score
- May 1, 2022 EPSS Score
- Jul 3, 2022 EPSS Score
- Sep 4, 2022 EPSS Score