ICSA-20-133-02 — Vulnetix

ICSA-20-133-02 PUBLISHED CVSS 7.800000190734863 HIGH

Successful exploitation of these vulnerabilities could allow an attacker to access unauthorized information, delete or modify local processes, and crash the affected device.

Risk Scores

CVSS v3.1

7.800000190734863

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products

Vendor	Product	Versions
	PI Data Archive: versions prior to and including PI Data Archive 2018 SP3 Version 3.4.430.460
	PI Connector for Ethernet/IP: versions prior to and including 1.1.0.10
	PI Connector for Ping: versions prior to and including 1.0.0.54
	PI Data Collection Manager: versions prior to and including 2.5.19.0
	PI Integrator for Business Analytics: versions prior to and including 2018 R2 SP1 Version 2.2.0.183
	RtReports: Version 4.1 and prior
	PI Connector for DC Systems RTscada: versions prior to and including 1.2.0.42
	PI Vision 2019: and prior
	Applications using PI Asset Framework (AF) Client: versions prior to and including PI AF Client 2018 SP3 Patch 1 Version 2.10.7.283
	PI Connector for CygNet: versions prior to and including 1.4.0.17
	PI Connector for UFL: versions prior to and including 1.3.1.135
	PI API for Windows Integrated Security: versions prior to and including 2.0.2.5
	PI Connector for Wonderware Historian: versions prior to and including 1.5.0.88
	PI Connector for Siemens Simatic PCS 7: versions prior to and including 1.2.1.71
	PI Data Archive: 2018 SP2 and prior versions
	PI to OCS: versions prior to and including 1.1.36.0
	Applications using PI Software Development Kit (SDK): versions prior to and including PI SDK 2018 SP1 Version 1.4.7.602
	PI Data Archive: 2018 and 2018 SP2 only
	PI Connector for BACnet: versions prior to and including 1.2.0.6
	PI Manual Logger: 2017 R2 Patch 1 and prior

Timeline

May 12, 2020 CVE Published
Jun 9, 2020 CVE Updated

References

Open in Interactive Console →