Osisoft: Security Vulnerabilities
The DNP Master Driver in the OSIsoft PI Interface before 3.1.2.54 for DNP3 allows remote attackers to cause a denial of service (interface shutdown) via a crafted TCP packet.
CVSS Score
7.1
EPSS Score
0.006
Published
2014-04-12
The OSIsoft PI Interface for IEEE C37.118 before 1.0.6.158 allows remote attackers to cause a denial of service (instance shutdown and data-collection outage) via crafted C37.118 configuration packets that trigger an invalid read operation.
CVSS Score
5.0
EPSS Score
0.005
Published
2013-08-22
The OSIsoft PI Interface for IEEE C37.118 before 1.0.6.158 allows remote attackers to cause a denial of service (memory consumption or memory corruption, instance shutdown, and data-collection outage) via crafted C37.118 configuration packets.
CVSS Score
5.0
EPSS Score
0.005
Published
2013-08-22
Stack-based buffer overflow in OSIsoft PI OPC DA Interface before 2.3.20.9 allows remote authenticated users to execute arbitrary code by sending packet data during the processing of messages associated with OPC items.
CVSS Score
8.5
EPSS Score
0.099
Published
2012-07-20
PI Server in OSIsoft PI System before 3.4.380.x does not properly use encryption in the default authentication process, which allows remote attackers to read or modify information in databases via unspecified vectors.
CVSS Score
6.4
EPSS Score
0.001
Published
2009-10-01
Page 5