Vulnerabilities > Osisoft > PI Data Archive > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-07-25 | CVE-2020-10604 | Improper Handling of Exceptional Conditions vulnerability in Osisoft PI Data Archive 2018 In OSIsoft PI System multiple products and versions, a remote, unauthenticated attacker could crash PI Network Manager service through specially crafted requests. | 7.5 |
| 2020-07-24 | CVE-2020-10610 | Untrusted Search Path vulnerability in Osisoft products In OSIsoft PI System multiple products and versions, a local attacker can modify a search path and plant a binary to exploit the affected PI System software to take control of the local computer at Windows system privilege level, resulting in unauthorized information disclosure, deletion, or modification. | 7.8 |
| 2020-07-24 | CVE-2020-10608 | Improper Verification of Cryptographic Signature vulnerability in Osisoft products In OSIsoft PI System multiple products and versions, a local attacker can plant a binary and bypass a code integrity check for loading PI System libraries. | 7.8 |
| 2020-07-24 | CVE-2020-10606 | Incorrect Default Permissions vulnerability in Osisoft products In OSIsoft PI System multiple products and versions, a local attacker can exploit incorrect permissions set by affected PI System software. | 7.8 |
| 2020-07-24 | CVE-2020-10600 | NULL Pointer Dereference vulnerability in Osisoft PI Data Archive 2018/2019/3.4.430.460 An authenticated remote attacker could crash PI Archive Subsystem when the subsystem is working under memory pressure. | 7.1 |
| 2018-03-14 | CVE-2018-7533 | Incorrect Default Permissions vulnerability in Osisoft PI Data Archive 2017/3.4.430.460 An Incorrect Default Permissions issue was discovered in OSIsoft PI Data Archive versions 2017 and prior. | 7.8 |
| 2018-03-14 | CVE-2018-7529 | Deserialization of Untrusted Data vulnerability in Osisoft PI Data Archive 3.4.430.460 A Deserialization of Untrusted Data issue was discovered in OSIsoft PI Data Archive versions 2017 and prior. | 7.5 |
| 2017-08-25 | CVE-2017-7930 | Improper Authentication vulnerability in Osisoft PI Data Archive An Improper Authentication issue was discovered in OSIsoft PI Server 2017 PI Data Archive versions prior to 2017. | 7.4 |