الوصف:

أصدرت OSIsoft تحديثًا لمعالجة عددًا من الثغرات في النسخ التالية من PI System :

• Applications using PI Asset Framework (AF) Client versions prior to and including PI AF Client 2018 SP3 Patch 1, Version 2.10.7.283
• Applications using PI Software Development Kit (SDK) versions prior to and including PI SDK 2018 SP1, Version 1.4.7.602
• PI API for Windows Integrated Security versions prior to and including 2.0.2.5,
• PI API versions prior to and including 1.6.8.26
• PI Buffer Subsystem versions prior to and including 4.8.0.18
• PI Connector for BACnet, versions prior to and including 1.2.0.6
• PI Connector for CygNet, versions prior to and including 1.4.0.17
• PI Connector for DC Systems RTscada, versions prior to and including 1.2.0.42
• PI Connector for Ethernet/IP, versions prior to and including 1.1.0.10
• PI Connector for HART-IP, versions prior to and including 1.3.0.1
• PI Connector for Ping, versions prior to and including 1.0.0.54
• PI Connector for Wonderware Historian, versions prior to and including 1.5.0.88
• PI Connector Relay, versions prior to and including 2.5.19.0
• PI Data Archive versions prior to and including PI Data Archive 2018 SP3, Version 3.4.430.460
• PI Data Collection Manager, versions prior to and including 2.5.19.0
• PI Integrator for Business Analytics versions prior to and including 2018 R2 SP1, Version 2.2.0.183
• PI Interface Configuration Utility (ICU) versions prior to and including 1.5.0.7
• PI to OCS versions prior to and including 1.1.36.0
• PI Data Archive 2018 and 2018 SP2
• PI Data Archive 2018 SP2 and prior versions
• PI Vision 2019 and prior
• PI Manual Logger 2017 R2 Patch 1 and prior
• RtReports Version 4.1 and prior
• PI Vision 2019 and prior versions

التهديدات:

يمكن للمهاجم استغلال الثغرات وتنفيذ ما يلي:

• رفع الصلاحيات لزيادة قدرته على التعديل في النظام
• تعديل غير مصرح به
• الكشف والإفصاح غير المصرح به للمعلومات
• تجاوز آلية الحماية

الإجراءات الوقائية:

يوصي المركز بتحديث المنتج المتأثر، حيث أصدرت OSIsoft توضيحًا لهذا التحديث:

• click here
• click here