Your review has been sent successfully

OSIsoft Update

2155
Classification
These posts contain security alerts, including digital loopholes, electronic attacks, technical updates, and they are classified base on the level of severity.

Critical

High

Medium

Low

Most Viewed Warnings

Dell EMC Alert

● Critical

F5 Alert

● High

IBM Alert

● Critical

Fortinet Alert

● High

Red Hat Alert

● High

حملات تصيدية تستهدف مايكروسوفت تيمز (Microsoft Teams)

● High

Warning Date

Severity Level

Warning Number

Target Sector

13 May, 2020

● High

2020-1230

All

Description:

OSIsoft has released security update to address multiple vulnerabilities in the following versions of PI System :

  • Applications using PI Asset Framework (AF) Client versions prior to and including PI AF Client 2018 SP3 Patch 1, Version 2.10.7.283
  • Applications using PI Software Development Kit (SDK) versions prior to and including PI SDK 2018 SP1, Version 1.4.7.602
  • PI API for Windows Integrated Security versions prior to and including 2.0.2.5,
  • PI API versions prior to and including 1.6.8.26
  • PI Buffer Subsystem versions prior to and including 4.8.0.18
  • PI Connector for BACnet, versions prior to and including 1.2.0.6
  • PI Connector for CygNet, versions prior to and including 1.4.0.17
  • PI Connector for DC Systems RTscada, versions prior to and including 1.2.0.42
  • PI Connector for Ethernet/IP, versions prior to and including 1.1.0.10
  • PI Connector for HART-IP, versions prior to and including 1.3.0.1
  • PI Connector for Ping, versions prior to and including 1.0.0.54
  • PI Connector for Wonderware Historian, versions prior to and including 1.5.0.88
  • PI Connector Relay, versions prior to and including 2.5.19.0
  • PI Data Archive versions prior to and including PI Data Archive 2018 SP3, Version 3.4.430.460
  • PI Data Collection Manager, versions prior to and including 2.5.19.0
  • PI Integrator for Business Analytics versions prior to and including 2018 R2 SP1, Version 2.2.0.183
  • PI Interface Configuration Utility (ICU) versions prior to and including 1.5.0.7
  • PI to OCS versions prior to and including 1.1.36.0
  • PI Data Archive 2018 and 2018 SP2
  • PI Data Archive 2018 SP2 and prior versions
  • PI Vision 2019 and prior
  • PI Manual Logger 2017 R2 Patch 1 and prior
  • RtReports Version 4.1 and prior
  • PI Vision 2019 and prior versions

Threats:

Attacker could exploit these vulnerabilities by doing the following:

  • Elevate privileges
  • Unauthorized modification
  • Unauthorized disclosure of information
  • Bypass of a protection mechanism

Best practice and Recommendations:

The CERT team encourages users to review OSIsoft security advisory and apply the necessary updates:

Last updated at 13 May, 2020

Rate the content

rate-icon
up icon