Vulnerability Details CVE-2020-10610
In OSIsoft PI System multiple products and versions, a local attacker can modify a search path and plant a binary to exploit the affected PI System software to take control of the local computer at Windows system privilege level, resulting in unauthorized information disclosure, deletion, or modification.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 29.8%
CVSS Severity
CVSS v3 Score 7.8
CVSS v2 Score 7.2
References
Products affected by CVE-2020-10610
-
cpe:2.3:a:osisoft:pi_api:1.6.8.26
-
cpe:2.3:a:osisoft:pi_api:2.0.2.5
-
cpe:2.3:a:osisoft:pi_buffer_subsystem:4.8.0.18
-
cpe:2.3:a:osisoft:pi_connector:1.0.0.54
-
cpe:2.3:a:osisoft:pi_connector:1.1.0.10
-
cpe:2.3:a:osisoft:pi_connector:1.2.0.42
-
cpe:2.3:a:osisoft:pi_connector:1.2.0.6
-
cpe:2.3:a:osisoft:pi_connector:1.2.1.71
-
cpe:2.3:a:osisoft:pi_connector:1.2.2.79
-
cpe:2.3:a:osisoft:pi_connector:1.3.0.1
-
cpe:2.3:a:osisoft:pi_connector:1.3.0.130
-
cpe:2.3:a:osisoft:pi_connector:1.3.1.135
-
cpe:2.3:a:osisoft:pi_connector:1.4.0.17
-
cpe:2.3:a:osisoft:pi_connector:1.5.0.88
-
cpe:2.3:a:osisoft:pi_connector_relay:2.5.19.0
-
cpe:2.3:a:osisoft:pi_data_archive:3.4.430.460
-
cpe:2.3:a:osisoft:pi_data_collection_manager:2.5.19.0
-
cpe:2.3:a:osisoft:pi_integrator:2.2.0.183
-
cpe:2.3:a:osisoft:pi_interface_configuration_utility:1.5.0.7
-
cpe:2.3:a:osisoft:pi_to_ocs:1.1.36.0