Vulnerabilities > CVE-2020-10602 - NULL Pointer Dereference vulnerability in PI Data Archive 2018

CVSS 5.3 - MEDIUM

Attack vector

NETWORK

Attack complexity

HIGH

Privileges required

LOW

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

network

high complexity

CWE-476

NVD

Published: 2020-07-24

Updated: 2024-11-21

Summary

In OSIsoft PI System multiple products and versions, an authenticated remote attacker could crash PI Network Manager due to a race condition. This can result in blocking connections and queries to PI Data Archive.

Vulnerable Configurations

Part	Description	Count
Application	Pi PI Data Archive 2018	2

Common Weakness Enumeration (CWE)

CWE-476 - NULL Pointer Dereference

References

https://us-cert.cisa.gov/ics/advisories/icsa-20-133-02
https://us-cert.cisa.gov/ics/advisories/icsa-20-133-02