Vulnerabilities > Osisoft > PI Interface Configuration Utility

DATE CVE VULNERABILITY TITLE RISK
2020-07-24 CVE-2020-10610 Untrusted Search Path vulnerability in Osisoft products
In OSIsoft PI System multiple products and versions, a local attacker can modify a search path and plant a binary to exploit the affected PI System software to take control of the local computer at Windows system privilege level, resulting in unauthorized information disclosure, deletion, or modification.
local
low complexity
osisoft CWE-426
7.2
2020-07-24 CVE-2020-10608 Improper Verification of Cryptographic Signature vulnerability in Osisoft products
In OSIsoft PI System multiple products and versions, a local attacker can plant a binary and bypass a code integrity check for loading PI System libraries.
local
low complexity
osisoft CWE-347
4.6
2020-07-24 CVE-2020-10606 Incorrect Default Permissions vulnerability in Osisoft products
In OSIsoft PI System multiple products and versions, a local attacker can exploit incorrect permissions set by affected PI System software.
local
low complexity
osisoft CWE-276
4.6