Vulnerabilities > CVE-2020-10602 - NULL Pointer Dereference vulnerability in PI Data Archive 2018

CVSS 3.5 - LOW

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

SINGLE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

PARTIAL

network

CWE-476

NVD

Published: 2020-07-24

Updated: 2020-08-05

Summary

In OSIsoft PI System multiple products and versions, an authenticated remote attacker could crash PI Network Manager due to a race condition. This can result in blocking connections and queries to PI Data Archive.

Vulnerable Configurations

Part	Description	Count
Application	Pi PI Data Archive 2018	2

Common Weakness Enumeration (CWE)

CWE-476 - NULL Pointer Dereference

References

https://us-cert.cisa.gov/ics/advisories/icsa-20-133-02