Alert
AL00320 - OSIsoft releases security updates for PI Coresight with PI Vision 2017
2017-06-13

Summary

OSIsoft has released PI Vision 2017, which resolves two high-level security vulnerabilities: OSIsoft recommends upgrading to PI Vision 2017 or later to address these issues.

Impact

Successful exploit of these vulnerabilities would allow access to the PI System. Unauthorized viewing or alteration of PI System data is possible.

Affected Software

PI Coresight 2016 R2 and earlier versions.

Recommendation

Upgrade to PI Vision 2017 or greater to obtain the fix to the aforementioned vulnerability.

When OSIsoft issued this security bulletin was it aware of this vulnerability being exploited?

There are no known exploits at this time. OSIsoft is unaware of exploit activities related to these vulnerabilities.

References

Common Vulnerability Scoring System (CVSS) Score: 7.7
CVSS Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L

Common Vulnerability Scoring System (CVSS) Score: 7.1
CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L