Action not permitted
Modal body text goes here.
Modal Title
Modal Body
cve-2020-10608
Vulnerability from cvelistv5
Published
2020-07-24 22:46
Modified
2024-08-04 11:06
Severity ?
EPSS score ?
Summary
In OSIsoft PI System multiple products and versions, a local attacker can plant a binary and bypass a code integrity check for loading PI System libraries. This exploitation can target another local user of PI System software on the computer to escalate privilege and result in unauthorized information disclosure, deletion, or modification.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| ics-cert@hq.dhs.gov | https://us-cert.cisa.gov/ics/advisories/icsa-20-133-02 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | https://us-cert.cisa.gov/ics/advisories/icsa-20-133-02 | Third Party Advisory, US Government Resource |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | OSIsoft PI System multiple products and versions |
Version: OSIsoft PI System multiple products and versions |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T11:06:09.916Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://us-cert.cisa.gov/ics/advisories/icsa-20-133-02", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "OSIsoft PI System multiple products and versions", vendor: "n/a", versions: [ { status: "affected", version: "OSIsoft PI System multiple products and versions", }, ], }, ], descriptions: [ { lang: "en", value: "In OSIsoft PI System multiple products and versions, a local attacker can plant a binary and bypass a code integrity check for loading PI System libraries. This exploitation can target another local user of PI System software on the computer to escalate privilege and result in unauthorized information disclosure, deletion, or modification.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-347", description: "IMPROPER VERIFICATION OF CRYPTOGRAPHIC SIGNATURE CWE-347", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2020-07-24T22:46:02", orgId: "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", shortName: "icscert", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://us-cert.cisa.gov/ics/advisories/icsa-20-133-02", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "ics-cert@hq.dhs.gov", ID: "CVE-2020-10608", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "OSIsoft PI System multiple products and versions", version: { version_data: [ { version_value: "OSIsoft PI System multiple products and versions", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "In OSIsoft PI System multiple products and versions, a local attacker can plant a binary and bypass a code integrity check for loading PI System libraries. This exploitation can target another local user of PI System software on the computer to escalate privilege and result in unauthorized information disclosure, deletion, or modification.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "IMPROPER VERIFICATION OF CRYPTOGRAPHIC SIGNATURE CWE-347", }, ], }, ], }, references: { reference_data: [ { name: "https://us-cert.cisa.gov/ics/advisories/icsa-20-133-02", refsource: "MISC", url: "https://us-cert.cisa.gov/ics/advisories/icsa-20-133-02", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", assignerShortName: "icscert", cveId: "CVE-2020-10608", datePublished: "2020-07-24T22:46:02", dateReserved: "2020-03-16T00:00:00", dateUpdated: "2024-08-04T11:06:09.916Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", "vulnerability-lookup:meta": { fkie_nvd: { configurations: "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:osisoft:pi_api:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"1.6.8.26\", \"matchCriteriaId\": \"9D7B554C-447F-4C1B-838F-A6E8F690F6A6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:osisoft:pi_api:*:*:*:*:*:windows_integrated_security:*:*\", \"versionEndIncluding\": \"2.0.2.5\", \"matchCriteriaId\": \"EDCD07A7-9079-444E-8AF0-EDD2CE8CEED4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:osisoft:pi_buffer_subsystem:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"4.8.0.18\", \"matchCriteriaId\": \"9A895F35-CC2E-4B74-99E7-5801C4276336\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:osisoft:pi_connector:*:*:*:*:*:ping:*:*\", \"versionEndIncluding\": \"1.0.0.54\", \"matchCriteriaId\": \"19394A8B-C47C-4A1C-8D73-B2FAE624B504\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:osisoft:pi_connector:*:*:*:*:*:ethernet\\\\/ip:*:*\", \"versionEndIncluding\": \"1.1.0.10\", \"matchCriteriaId\": \"E0889A10-FEFA-422A-81C6-33595076D5B9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:osisoft:pi_connector:*:*:*:*:*:bacnet:*:*\", \"versionEndIncluding\": \"1.2.0.6\", \"matchCriteriaId\": \"F024275D-CC0D-40A6-8618-B8C2BCAC3453\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:osisoft:pi_connector:*:*:*:*:*:dc_systems_rtscada:*:*\", \"versionEndIncluding\": \"1.2.0.42\", \"matchCriteriaId\": \"1634EED8-EE12-4F24-9D79-2108906D5941\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:osisoft:pi_connector:*:*:*:*:*:siemens_simatic_pcs_7:*:*\", \"versionEndIncluding\": \"1.2.1.71\", \"matchCriteriaId\": \"3E4CA46D-C31A-4052-B3F1-755DC273D662\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:osisoft:pi_connector:*:*:*:*:*:iec_60870-5-104:*:*\", \"versionEndIncluding\": \"1.2.2.79\", \"matchCriteriaId\": \"24376704-9C47-4BE7-AB95-1E5E194AD5A9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:osisoft:pi_connector:*:*:*:*:*:hart-ip:*:*\", \"versionEndIncluding\": \"1.3.0.1\", \"matchCriteriaId\": \"DB0A663F-3C53-43CF-AE8B-C2FD93AE0547\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:osisoft:pi_connector:*:*:*:*:*:opc-ua:*:*\", \"versionEndIncluding\": \"1.3.0.130\", \"matchCriteriaId\": \"DC780244-6475-4051-A901-02CF37CD80DC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:osisoft:pi_connector:*:*:*:*:*:ufl:*:*\", \"versionEndIncluding\": \"1.3.1.135\", \"matchCriteriaId\": \"9912030A-5A3C-4254-B440-D3D8C47432A9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:osisoft:pi_connector:*:*:*:*:*:cygnet:*:*\", \"versionEndIncluding\": \"1.4.0.17\", \"matchCriteriaId\": \"56274097-C75B-48BB-AA8A-C1213BCD1F37\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:osisoft:pi_connector:*:*:*:*:*:wonderware_historian:*:*\", \"versionEndIncluding\": \"1.5.0.88\", \"matchCriteriaId\": \"EEB864E3-549D-4B2D-B89F-74E2F2454BEC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:osisoft:pi_connector_relay:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"2.5.19.0\", \"matchCriteriaId\": \"474D5BE5-759E-4760-A4CC-661019379A47\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:osisoft:pi_data_archive:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"3.4.430.460\", \"matchCriteriaId\": \"A918A5B9-40B4-4B00-A9F3-5F2F551447B5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:osisoft:pi_data_collection_manager:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"2.5.19.0\", \"matchCriteriaId\": \"C99F2BBE-D5E7-4F6F-B03F-1250F9D31542\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:osisoft:pi_integrator:*:*:*:*:*:business_analytics:*:*\", \"versionEndIncluding\": \"2.2.0.183\", \"matchCriteriaId\": \"31D2D676-90D7-4516-BCDB-86DE0F34B43B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:osisoft:pi_interface_configuration_utility:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"1.5.0.7\", \"matchCriteriaId\": \"23B33817-C61B-4369-A5B0-A9CAA6E83C62\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:osisoft:pi_to_ocs:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"1.1.36.0\", \"matchCriteriaId\": \"A0D626AC-1990-4885-AEEB-8E897D6A9FF9\"}]}]}]", descriptions: "[{\"lang\": \"en\", \"value\": \"In OSIsoft PI System multiple products and versions, a local attacker can plant a binary and bypass a code integrity check for loading PI System libraries. This exploitation can target another local user of PI System software on the computer to escalate privilege and result in unauthorized information disclosure, deletion, or modification.\"}, {\"lang\": \"es\", \"value\": \"En m\\u00faltiples productos y versiones de OSIsoft PI System, un atacante local puede plantar un binario y omitir una comprobaci\\u00f3n de integridad de c\\u00f3digo para cargar bibliotecas de PI System. Esta explotaci\\u00f3n puede apuntar a otro usuario local del software PI System en la computadora para escalar privilegios y resultar en una divulgaci\\u00f3n, eliminaci\\u00f3n o modificaci\\u00f3n de informaci\\u00f3n no autorizada\"}]", id: "CVE-2020-10608", lastModified: "2024-11-21T04:55:41.463", metrics: "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 7.8, \"baseSeverity\": \"HIGH\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.8, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:L/AC:L/Au:N/C:P/I:P/A:P\", \"baseScore\": 4.6, \"accessVector\": \"LOCAL\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 3.9, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}", published: "2020-07-24T23:15:11.877", references: "[{\"url\": \"https://us-cert.cisa.gov/ics/advisories/icsa-20-133-02\", \"source\": \"ics-cert@hq.dhs.gov\", \"tags\": [\"Third Party Advisory\", \"US Government Resource\"]}, {\"url\": \"https://us-cert.cisa.gov/ics/advisories/icsa-20-133-02\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"US Government Resource\"]}]", sourceIdentifier: "ics-cert@hq.dhs.gov", vulnStatus: "Modified", weaknesses: "[{\"source\": \"ics-cert@hq.dhs.gov\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-347\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-347\"}]}]", }, nvd: "{\"cve\":{\"id\":\"CVE-2020-10608\",\"sourceIdentifier\":\"ics-cert@hq.dhs.gov\",\"published\":\"2020-07-24T23:15:11.877\",\"lastModified\":\"2024-11-21T04:55:41.463\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In OSIsoft PI System multiple products and versions, a local attacker can plant a binary and bypass a code integrity check for loading PI System libraries. This exploitation can target another local user of PI System software on the computer to escalate privilege and result in unauthorized information disclosure, deletion, or modification.\"},{\"lang\":\"es\",\"value\":\"En múltiples productos y versiones de OSIsoft PI System, un atacante local puede plantar un binario y omitir una comprobación de integridad de código para cargar bibliotecas de PI System. Esta explotación puede apuntar a otro usuario local del software PI System en la computadora para escalar privilegios y resultar en una divulgación, eliminación o modificación de información no autorizada\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":4.6,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":3.9,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"ics-cert@hq.dhs.gov\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-347\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-347\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:osisoft:pi_api:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.6.8.26\",\"matchCriteriaId\":\"9D7B554C-447F-4C1B-838F-A6E8F690F6A6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:osisoft:pi_api:*:*:*:*:*:windows_integrated_security:*:*\",\"versionEndIncluding\":\"2.0.2.5\",\"matchCriteriaId\":\"EDCD07A7-9079-444E-8AF0-EDD2CE8CEED4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:osisoft:pi_buffer_subsystem:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"4.8.0.18\",\"matchCriteriaId\":\"9A895F35-CC2E-4B74-99E7-5801C4276336\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:osisoft:pi_connector:*:*:*:*:*:ping:*:*\",\"versionEndIncluding\":\"1.0.0.54\",\"matchCriteriaId\":\"19394A8B-C47C-4A1C-8D73-B2FAE624B504\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:osisoft:pi_connector:*:*:*:*:*:ethernet\\\\/ip:*:*\",\"versionEndIncluding\":\"1.1.0.10\",\"matchCriteriaId\":\"E0889A10-FEFA-422A-81C6-33595076D5B9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:osisoft:pi_connector:*:*:*:*:*:bacnet:*:*\",\"versionEndIncluding\":\"1.2.0.6\",\"matchCriteriaId\":\"F024275D-CC0D-40A6-8618-B8C2BCAC3453\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:osisoft:pi_connector:*:*:*:*:*:dc_systems_rtscada:*:*\",\"versionEndIncluding\":\"1.2.0.42\",\"matchCriteriaId\":\"1634EED8-EE12-4F24-9D79-2108906D5941\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:osisoft:pi_connector:*:*:*:*:*:siemens_simatic_pcs_7:*:*\",\"versionEndIncluding\":\"1.2.1.71\",\"matchCriteriaId\":\"3E4CA46D-C31A-4052-B3F1-755DC273D662\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:osisoft:pi_connector:*:*:*:*:*:iec_60870-5-104:*:*\",\"versionEndIncluding\":\"1.2.2.79\",\"matchCriteriaId\":\"24376704-9C47-4BE7-AB95-1E5E194AD5A9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:osisoft:pi_connector:*:*:*:*:*:hart-ip:*:*\",\"versionEndIncluding\":\"1.3.0.1\",\"matchCriteriaId\":\"DB0A663F-3C53-43CF-AE8B-C2FD93AE0547\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:osisoft:pi_connector:*:*:*:*:*:opc-ua:*:*\",\"versionEndIncluding\":\"1.3.0.130\",\"matchCriteriaId\":\"DC780244-6475-4051-A901-02CF37CD80DC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:osisoft:pi_connector:*:*:*:*:*:ufl:*:*\",\"versionEndIncluding\":\"1.3.1.135\",\"matchCriteriaId\":\"9912030A-5A3C-4254-B440-D3D8C47432A9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:osisoft:pi_connector:*:*:*:*:*:cygnet:*:*\",\"versionEndIncluding\":\"1.4.0.17\",\"matchCriteriaId\":\"56274097-C75B-48BB-AA8A-C1213BCD1F37\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:osisoft:pi_connector:*:*:*:*:*:wonderware_historian:*:*\",\"versionEndIncluding\":\"1.5.0.88\",\"matchCriteriaId\":\"EEB864E3-549D-4B2D-B89F-74E2F2454BEC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:osisoft:pi_connector_relay:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"2.5.19.0\",\"matchCriteriaId\":\"474D5BE5-759E-4760-A4CC-661019379A47\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:osisoft:pi_data_archive:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"3.4.430.460\",\"matchCriteriaId\":\"A918A5B9-40B4-4B00-A9F3-5F2F551447B5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:osisoft:pi_data_collection_manager:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"2.5.19.0\",\"matchCriteriaId\":\"C99F2BBE-D5E7-4F6F-B03F-1250F9D31542\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:osisoft:pi_integrator:*:*:*:*:*:business_analytics:*:*\",\"versionEndIncluding\":\"2.2.0.183\",\"matchCriteriaId\":\"31D2D676-90D7-4516-BCDB-86DE0F34B43B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:osisoft:pi_interface_configuration_utility:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.5.0.7\",\"matchCriteriaId\":\"23B33817-C61B-4369-A5B0-A9CAA6E83C62\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:osisoft:pi_to_ocs:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.1.36.0\",\"matchCriteriaId\":\"A0D626AC-1990-4885-AEEB-8E897D6A9FF9\"}]}]}],\"references\":[{\"url\":\"https://us-cert.cisa.gov/ics/advisories/icsa-20-133-02\",\"source\":\"ics-cert@hq.dhs.gov\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"https://us-cert.cisa.gov/ics/advisories/icsa-20-133-02\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]}]}}", }, }
var-202007-0031
Vulnerability from variot
In OSIsoft PI System multiple products and versions, a local attacker can plant a binary and bypass a code integrity check for loading PI System libraries. This exploitation can target another local user of PI System software on the computer to escalate privilege and result in unauthorized information disclosure, deletion, or modification. plural OSIsoft Made PI The system contains a vulnerability in digital signature verification.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202007-0031", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "pi data collection manager", scope: "lte", trust: 1, vendor: "osisoft", version: "2.5.19.0", }, { model: "pi buffer subsystem", scope: "lte", trust: 1, vendor: "osisoft", version: "4.8.0.18", }, { model: "pi api", scope: "lte", trust: 1, vendor: "osisoft", version: "2.0.2.5", }, { model: "pi connector", scope: "lte", trust: 1, vendor: "osisoft", version: "1.0.0.54", }, { model: "pi connector", scope: "lte", trust: 1, vendor: "osisoft", version: "1.4.0.17", }, { model: "pi api", scope: "lte", trust: 1, vendor: "osisoft", version: "1.6.8.26", }, { model: "pi integrator", scope: "lte", trust: 1, vendor: "osisoft", version: "2.2.0.183", }, { model: "pi connector", scope: "lte", trust: 1, vendor: "osisoft", version: "1.2.0.6", }, { model: "pi data archive", scope: "lte", trust: 1, vendor: "osisoft", version: "3.4.430.460", }, { model: "pi connector", scope: "lte", trust: 1, vendor: "osisoft", version: "1.2.2.79", }, { model: "pi connector", scope: "lte", trust: 1, vendor: "osisoft", version: "1.1.0.10", }, { model: "pi connector", scope: "lte", trust: 1, vendor: "osisoft", version: "1.2.0.42", }, { model: "pi to ocs", scope: "lte", trust: 1, vendor: "osisoft", version: "1.1.36.0", }, { model: "pi connector relay", scope: "lte", trust: 1, vendor: "osisoft", version: "2.5.19.0", }, { model: "pi connector", scope: "lte", trust: 1, vendor: "osisoft", version: "1.2.1.71", }, { model: "pi connector", scope: "lte", trust: 1, vendor: "osisoft", version: "1.5.0.88", }, { model: "pi connector", scope: "lte", trust: 1, vendor: "osisoft", version: "1.3.0.1", }, { model: "pi connector", scope: "lte", trust: 1, vendor: "osisoft", version: "1.3.0.130", }, { model: "pi interface configuration utility", scope: "lte", trust: 1, vendor: "osisoft", version: "1.5.0.7", }, { model: "pi connector", scope: "lte", trust: 1, vendor: "osisoft", version: "1.3.1.135", }, { model: "pi api", scope: null, trust: 0.8, vendor: "osisoft", version: null, }, { model: "pi buffer subsystem", scope: null, trust: 0.8, vendor: "osisoft", version: null, }, { model: "pi connector", scope: null, trust: 0.8, vendor: "osisoft", version: null, }, { model: "pi connector relay", scope: null, trust: 0.8, vendor: "osisoft", version: null, }, { model: "pi data archive", scope: null, trust: 0.8, vendor: "osisoft", version: null, }, { model: "pi data collection manager", scope: null, trust: 0.8, vendor: "osisoft", version: null, }, { model: "pi integrator for business analytics", scope: null, trust: 0.8, vendor: "osisoft", version: null, }, { model: "pi interface configuration utility", scope: null, trust: 0.8, vendor: "osisoft", version: null, }, { model: "pi to ocs", scope: null, trust: 0.8, vendor: "osisoft", version: null, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2020-009002", }, { db: "NVD", id: "CVE-2020-10608", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:a:osisoft:pi_api:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "1.6.8.26", vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:osisoft:pi_api:*:*:*:*:*:windows_integrated_security:*:*", cpe_name: [], versionEndIncluding: "2.0.2.5", vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:osisoft:pi_buffer_subsystem:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "4.8.0.18", vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:osisoft:pi_connector:*:*:*:*:*:ping:*:*", cpe_name: [], versionEndIncluding: "1.0.0.54", vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:osisoft:pi_connector:*:*:*:*:*:ethernet\\/ip:*:*", cpe_name: [], versionEndIncluding: "1.1.0.10", vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:osisoft:pi_connector:*:*:*:*:*:bacnet:*:*", cpe_name: [], versionEndIncluding: "1.2.0.6", vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:osisoft:pi_connector:*:*:*:*:*:dc_systems_rtscada:*:*", cpe_name: [], versionEndIncluding: "1.2.0.42", vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:osisoft:pi_connector:*:*:*:*:*:siemens_simatic_pcs_7:*:*", cpe_name: [], versionEndIncluding: "1.2.1.71", vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:osisoft:pi_connector:*:*:*:*:*:iec_60870-5-104:*:*", cpe_name: [], versionEndIncluding: "1.2.2.79", vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:osisoft:pi_connector:*:*:*:*:*:hart-ip:*:*", cpe_name: [], versionEndIncluding: "1.3.0.1", vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:osisoft:pi_connector:*:*:*:*:*:opc-ua:*:*", cpe_name: [], versionEndIncluding: "1.3.0.130", vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:osisoft:pi_connector:*:*:*:*:*:ufl:*:*", cpe_name: [], versionEndIncluding: "1.3.1.135", vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:osisoft:pi_connector:*:*:*:*:*:cygnet:*:*", cpe_name: [], versionEndIncluding: "1.4.0.17", vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:osisoft:pi_connector:*:*:*:*:*:wonderware_historian:*:*", cpe_name: [], versionEndIncluding: "1.5.0.88", vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:osisoft:pi_connector_relay:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "2.5.19.0", vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:osisoft:pi_data_archive:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "3.4.430.460", vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:osisoft:pi_data_collection_manager:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "2.5.19.0", vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:osisoft:pi_integrator:*:*:*:*:*:business_analytics:*:*", cpe_name: [], versionEndIncluding: "2.2.0.183", vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:osisoft:pi_interface_configuration_utility:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "1.5.0.7", vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:osisoft:pi_to_ocs:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "1.1.36.0", vulnerable: true, }, ], operator: "OR", }, ], }, ], sources: [ { db: "NVD", id: "CVE-2020-10608", }, ], }, cve: "CVE-2020-10608", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { acInsufInfo: false, accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", author: "NVD", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", exploitabilityScore: 3.9, impactScore: 6.4, integrityImpact: "PARTIAL", obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, severity: "MEDIUM", trust: 1, userInteractionRequired: false, vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, { acInsufInfo: null, accessComplexity: "Low", accessVector: "Local", authentication: "None", author: "NVD", availabilityImpact: "Partial", baseScore: 4.6, confidentialityImpact: "Partial", exploitabilityScore: null, id: "JVNDB-2020-009002", impactScore: null, integrityImpact: "Partial", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "Medium", trust: 0.8, userInteractionRequired: null, vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "LOCAL", author: "NVD", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", exploitabilityScore: 1.8, impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, { attackComplexity: "Low", attackVector: "Local", author: "NVD", availabilityImpact: "High", baseScore: 7.8, baseSeverity: "High", confidentialityImpact: "High", exploitabilityScore: null, id: "JVNDB-2020-009002", impactScore: null, integrityImpact: "High", privilegesRequired: "Low", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, ], severity: [ { author: "NVD", id: "CVE-2020-10608", trust: 1, value: "HIGH", }, { author: "NVD", id: "JVNDB-2020-009002", trust: 0.8, value: "High", }, { author: "CNNVD", id: "CNNVD-202005-692", trust: 0.6, value: "HIGH", }, ], }, ], sources: [ { db: "JVNDB", id: "JVNDB-2020-009002", }, { db: "NVD", id: "CVE-2020-10608", }, { db: "CNNVD", id: "CNNVD-202005-692", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "In OSIsoft PI System multiple products and versions, a local attacker can plant a binary and bypass a code integrity check for loading PI System libraries. This exploitation can target another local user of PI System software on the computer to escalate privilege and result in unauthorized information disclosure, deletion, or modification. plural OSIsoft Made PI The system contains a vulnerability in digital signature verification.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state", sources: [ { db: "NVD", id: "CVE-2020-10608", }, { db: "JVNDB", id: "JVNDB-2020-009002", }, ], trust: 1.62, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "ICS CERT", id: "ICSA-20-133-02", trust: 2.4, }, { db: "NVD", id: "CVE-2020-10608", trust: 2.4, }, { db: "JVN", id: "JVNVU94872807", trust: 0.8, }, { db: "JVNDB", id: "JVNDB-2020-009002", trust: 0.8, }, { db: "AUSCERT", id: "ESB-2020.1679", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-202005-692", trust: 0.6, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2020-009002", }, { db: "NVD", id: "CVE-2020-10608", }, { db: "CNNVD", id: "CNNVD-202005-692", }, ], }, id: "VAR-202007-0031", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VARIoT devices database", id: null, }, ], trust: 0.409523815, }, last_update_date: "2023-12-18T11:19:30.173000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "Top Page", trust: 0.8, url: "https://www.osisoft.com/", }, ], sources: [ { db: "JVNDB", id: "JVNDB-2020-009002", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-347", trust: 1.8, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2020-009002", }, { db: "NVD", id: "CVE-2020-10608", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 1.8, url: "https://us-cert.cisa.gov/ics/advisories/icsa-20-133-02", }, { trust: 1.4, url: "https://nvd.nist.gov/vuln/detail/cve-2020-10608", }, { trust: 0.8, url: "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-10608", }, { trust: 0.8, url: "https://jvn.jp/vu/jvnvu94872807/", }, { trust: 0.6, url: "https://www.us-cert.gov/ics/advisories/icsa-20-133-02", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2020.1679/", }, ], sources: [ { db: "JVNDB", id: "JVNDB-2020-009002", }, { db: "NVD", id: "CVE-2020-10608", }, { db: "CNNVD", id: "CNNVD-202005-692", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "JVNDB", id: "JVNDB-2020-009002", }, { db: "NVD", id: "CVE-2020-10608", }, { db: "CNNVD", id: "CNNVD-202005-692", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-10-13T00:00:00", db: "JVNDB", id: "JVNDB-2020-009002", }, { date: "2020-07-24T23:15:11.877000", db: "NVD", id: "CVE-2020-10608", }, { date: "2020-05-12T00:00:00", db: "CNNVD", id: "CNNVD-202005-692", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-10-13T00:00:00", db: "JVNDB", id: "JVNDB-2020-009002", }, { date: "2020-08-05T18:06:30.360000", db: "NVD", id: "CVE-2020-10608", }, { date: "2020-07-27T00:00:00", db: "CNNVD", id: "CNNVD-202005-692", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "local", sources: [ { db: "CNNVD", id: "CNNVD-202005-692", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "plural OSIsoft Made PI Vulnerability in Digital Signature Verification in Systems", sources: [ { db: "JVNDB", id: "JVNDB-2020-009002", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "data forgery", sources: [ { db: "CNNVD", id: "CNNVD-202005-692", }, ], trust: 0.6, }, }
icsa-20-133-02
Vulnerability from csaf_cisa
Published
2020-05-12 00:00
Modified
2020-06-09 00:00
Summary
OSIsoft PI System (Update A)
Notes
CISA Disclaimer
This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov
Legal Notice
All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.
Risk evaluation
Successful exploitation of these vulnerabilities could allow an attacker to access unauthorized information, delete or modify local processes, and crash the affected device.
Critical infrastructure sectors
Multiple Sectors
Countries/areas deployed
Worldwide
Company headquarters location
United States
Recommended Practices
CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
CISA also provides a section for control systems security recommended practices on the ICS webpage onus-cert.gov. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices
Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on us-cert.gov in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.
Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.
Exploitability
No known public exploits specifically target these vulnerabilities.
{ document: { acknowledgments: [ { names: [ "William Knowles", ], organization: "Applied Risk", summary: "reporting vulnerabilities to CISA", }, { organization: "OSIsoft", summary: "reporting vulnerabilities to CISA", }, ], category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Disclosure is not limited", tlp: { label: "WHITE", url: "https://us-cert.cisa.gov/tlp/", }, }, lang: "en-US", notes: [ { category: "general", text: "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov", title: "CISA Disclaimer", }, { category: "legal_disclaimer", text: "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.", title: "Legal Notice", }, { category: "summary", text: "Successful exploitation of these vulnerabilities could allow an attacker to access unauthorized information, delete or modify local processes, and crash the affected device.", title: "Risk evaluation", }, { category: "other", text: "Multiple Sectors", title: "Critical infrastructure sectors", }, { category: "other", text: "Worldwide", title: "Countries/areas deployed", }, { category: "other", text: "United States", title: "Company headquarters location", }, { category: "general", text: "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.\nCISA also provides a section for control systems security recommended practices on the ICS webpage onus-cert.gov. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.", title: "Recommended Practices", }, { category: "general", text: "Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on us-cert.gov in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.\nOrganizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.", title: "Recommended Practices", }, { category: "other", text: "No known public exploits specifically target these vulnerabilities.", title: "Exploitability", }, ], publisher: { category: "coordinator", contact_details: "Email: CISAservicedesk@cisa.dhs.gov;\n Toll Free: 1-888-282-0870", name: "CISA", namespace: "https://www.cisa.gov/", }, references: [ { category: "self", summary: "ICS Advisory ICSA-20-133-02 JSON", url: "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2020/icsa-20-133-02.json", }, { category: "self", summary: "ICS Advisory ICSA-20-133-02 Web Version", url: "https://www.cisa.gov/news-events/ics-advisories/icsa-20-133-02", }, { category: "external", summary: "Recommended Practices", url: "https://www.us-cert.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf", }, { category: "external", summary: "Recommended Practices", url: "https://www.us-cert.gov/ics/tips/ICS-TIP-12-146-01B", }, ], title: "OSIsoft PI System (Update A)", tracking: { current_release_date: "2020-06-09T00:00:00.000000Z", generator: { engine: { name: "CISA CSAF Generator", version: "1.0.0", }, }, id: "ICSA-20-133-02", initial_release_date: "2020-05-12T00:00:00.000000Z", revision_history: [ { date: "2020-05-12T00:00:00.000000Z", legacy_version: "Initial", number: "1", summary: "ICSA-20-133-02 OSIsoft PI System", }, { date: "2020-06-09T00:00:00.000000Z", legacy_version: "A", number: "2", summary: "ICSA-20-133-02 OSIsoft PI System (Update A)", }, ], status: "final", version: "2", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version_range", name: "<= 1.2.0.6", product: { name: "PI Connector for BACnet: versions prior to and including 1.2.0.6", product_id: "CSAFPID-0001", }, }, ], category: "product_name", name: "PI Connector for BACnet", }, { branches: [ { category: "product_version_range", name: "<= 2.0.2.5", product: { name: "PI API for Windows Integrated Security: versions prior to and including 2.0.2.5", product_id: "CSAFPID-0002", }, }, ], category: "product_name", name: "PI API for Windows Integrated Security", }, { branches: [ { category: "product_version_range", name: "<= PI SDK 2018 SP1 Version 1.4.7.602", product: { name: "Applications using PI Software Development Kit (SDK): versions prior to and including PI SDK 2018 SP1 Version 1.4.7.602", product_id: "CSAFPID-0003", }, }, ], category: "product_name", name: "Applications using PI Software Development Kit (SDK)", }, { branches: [ { category: "product_version", name: "2018 | 2018 SP2", product: { name: "PI Data Archive: 2018 and 2018 SP2 only", product_id: "CSAFPID-0004", }, }, ], category: "product_name", name: "PI Data Archive", }, { branches: [ { category: "product_version_range", name: "<= 1.3.1.135", product: { name: "PI Connector for UFL: versions prior to and including 1.3.1.135", product_id: "CSAFPID-0005", }, }, ], category: "product_name", name: "PI Connector for UFL", }, { branches: [ { category: "product_version_range", name: "<= 1.2.1.71", product: { name: "PI Connector for Siemens Simatic PCS 7: versions prior to and including 1.2.1.71", product_id: "CSAFPID-0006", }, }, ], category: "product_name", name: "PI Connector for Siemens Simatic PCS 7", }, { branches: [ { category: "product_version_range", name: "<= 1.4.0.17", product: { name: "PI Connector for CygNet: versions prior to and including 1.4.0.17", product_id: "CSAFPID-0007", }, }, ], category: "product_name", name: "PI Connector for CygNet", }, { branches: [ { category: "product_version_range", name: "<= 1.2.0.42", product: { name: "PI Connector for DC Systems RTscada: versions prior to and including 1.2.0.42", product_id: "CSAFPID-0008", }, }, ], category: "product_name", name: "PI Connector for DC Systems RTscada", }, { branches: [ { category: "product_version_range", name: "<= 1.1.36.0", product: { name: "PI to OCS: versions prior to and including 1.1.36.0", product_id: "CSAFPID-0009", }, }, ], category: "product_name", name: "PI to OCS", }, { branches: [ { category: "product_version_range", name: "<= 1.0.0.54", product: { name: "PI Connector for Ping: versions prior to and including 1.0.0.54", product_id: "CSAFPID-00010", }, }, ], category: "product_name", name: "PI Connector for Ping", }, { branches: [ { category: "product_version_range", name: "<= 2.5.19.0", product: { name: "PI Data Collection Manager: versions prior to and including 2.5.19.0", product_id: "CSAFPID-00011", }, }, ], category: "product_name", name: "PI Data Collection Manager", }, { branches: [ { category: "product_version_range", name: "<= 2018 SP3 Version 3.4.430.460", product: { name: "PI Data Archive: versions prior to and including PI Data Archive 2018 SP3 Version 3.4.430.460", product_id: "CSAFPID-00012", }, }, ], category: "product_name", name: "PI Data Archive", }, { branches: [ { category: "product_version_range", name: "<= 2018 R2 SP1 Version 2.2.0.183", product: { name: "PI Integrator for Business Analytics: versions prior to and including 2018 R2 SP1 Version 2.2.0.183", product_id: "CSAFPID-00013", }, }, ], category: "product_name", name: "PI Integrator for Business Analytics", }, { branches: [ { category: "product_version_range", name: "<= 2017 R2 Patch 1", product: { name: "PI Manual Logger: 2017 R2 Patch 1 and prior", product_id: "CSAFPID-00014", }, }, ], category: "product_name", name: "PI Manual Logger", }, { branches: [ { category: "product_version_range", name: "<= 1.1.0.10", product: { name: "PI Connector for Ethernet/IP: versions prior to and including 1.1.0.10", product_id: "CSAFPID-00015", }, }, ], category: "product_name", name: "PI Connector for Ethernet/IP", }, { branches: [ { category: "product_version_range", name: "<= 1.5.0.88", product: { name: "PI Connector for Wonderware Historian: versions prior to and including 1.5.0.88", product_id: "CSAFPID-00016", }, }, ], category: "product_name", name: "PI Connector for Wonderware Historian", }, { branches: [ { category: "product_version_range", name: "<= 2019", product: { name: "PI Vision 2019: and prior", product_id: "CSAFPID-00017", }, }, ], category: "product_name", name: "PI Vision", }, { branches: [ { category: "product_version_range", name: "<= PI AF Client 2018 SP3 Patch 1 Version 2.10.7.283", product: { name: "Applications using PI Asset Framework (AF) Client: versions prior to and including PI AF Client 2018 SP3 Patch 1 Version 2.10.7.283", product_id: "CSAFPID-00018", }, }, ], category: "product_name", name: "Applications using PI Asset Framework (AF) Client", }, { branches: [ { category: "product_version_range", name: "<= 2018 SP2", product: { name: "PI Data Archive: 2018 SP2 and prior versions", product_id: "CSAFPID-00019", }, }, ], category: "product_name", name: "PI Data Archive", }, { branches: [ { category: "product_version_range", name: "<= 4.1", product: { name: "RtReports: Version 4.1 and prior", product_id: "CSAFPID-00020", }, }, ], category: "product_name", name: "RtReports", }, { branches: [ { category: "product_version_range", name: "<= 1.3.0.130", product: { name: "PI Connector for OPC-UA: versions prior to and including 1.3.0.130", product_id: "CSAFPID-00021", }, }, ], category: "product_name", name: "PI Connector for OPC-UA", }, { branches: [ { category: "product_version_range", name: "<= 2.5.19.0", product: { name: "PI Connector Relay: versions prior to and including 2.5.19.0", product_id: "CSAFPID-00022", }, }, ], category: "product_name", name: "PI Connector Relay", }, { branches: [ { category: "product_version_range", name: "<= 1.2.2.79", product: { name: "PI Connector for IEC 60870-5-104 versions: prior to and including 1.2.2.79", product_id: "CSAFPID-00023", }, }, ], category: "product_name", name: "PI Connector for IEC 60870-5-104 versions", }, { branches: [ { category: "product_version_range", name: "<= 4.8.0.18", product: { name: "PI Buffer Subsystem: versions prior to and including 4.8.0.18", product_id: "CSAFPID-00024", }, }, ], category: "product_name", name: "PI Buffer Subsystem", }, { branches: [ { category: "product_version_range", name: "<= 1.5.0.7", product: { name: "PI Interface Configuration Utility (ICU): versions prior to and including 1.5.0.7", product_id: "CSAFPID-00025", }, }, ], category: "product_name", name: "PI Interface Configuration Utility (ICU)", }, { branches: [ { category: "product_version_range", name: "<= 1.3.0.1", product: { name: "PI Connector for HART-IP: versions prior to and including 1.3.0.1", product_id: "CSAFPID-00026", }, }, ], category: "product_name", name: "PI Connector for HART-IP", }, { branches: [ { category: "product_version_range", name: "<= 2019", product: { name: "PI Vision: 2019 and prior versions", product_id: "CSAFPID-00027", }, }, ], category: "product_name", name: "PI Vision", }, { branches: [ { category: "product_version_range", name: "<= 1.6.8.26", product: { name: "PI API: versions prior to and including 1.6.8.26", product_id: "CSAFPID-00028", }, }, ], category: "product_name", name: "PI API", }, ], category: "vendor", name: "OSIsoft LLC", }, ], }, vulnerabilities: [ { cve: "CVE-2020-10610", cwe: { id: "CWE-427", name: "Uncontrolled Search Path Element", }, notes: [ { category: "summary", text: "A local attacker can modify a search path and plant a binary to exploit the affected PI System software to take control of the local computer at Windows system privilege level, resulting in unauthorized information disclosure, deletion, or modification.CVE-2020-10610 has been assigned to this vulnerability. A CVSS v3 base score of 7.8 has been assigned; the CVSS vector string is (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).", title: "Vulnerability Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-10610", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", }, ], remediations: [ { category: "vendor_fix", details: "OSIsoft provides the following security updates to mitigate the reported vulnerabilities:", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "OSIsoft reports further action should be taken after applying the security updates. Remove PI Asset Framework (AF) Client .NET 3.5 after verifying OSIsoft products that include the PI AF Client, such as PI ProcessBook, PI DataLink and other PI System desktop applications have been upgraded to 2015 (as well as later versions) in order to eliminate exposure to CVE-2020-10608.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "For PI System servers and interface nodes that are normally unattended, limit console and remote desktop logon access to authorized administrators.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "Individual updates for core PI System components are available. Additionally, the following OSIsoft product installation kits have been re-released to automatically deliver the updated components: ", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "Client", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "Server", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "Connectors", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "OSIsoft reports not all products have been rebundled to include the affected update.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "Contact OSIsoft support for guidance on products missing that use affected components that are missing from the currently available releases.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "CVE-2020-10610 Manage permissions on HKLM\\Software\\PISystem and HKLM\\WOW6432Node\\Software\\PISystem registry keys to block a high impact exploit path. See OSIsoft customer portal knowledge article PI System Registry Security Recommendations for details on setting registry permissions.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000026046", }, { category: "vendor_fix", details: "CVE-2019-18244 Provision and use domain Group Managed Service Accounts or use the default NetworkService account to run PI Vision AppPools. There is no exposure to this vulnerability when using either of these account types. To limit exposure in case standard domain account is used to run PI Vision AppPools, remove the password entry from the setup log files immediately.\nOSIsoft reports the following measures can be used to lower likelihood of exploitation:", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "CVE-2020-10610, CVE-2020-10608, CVE-2020-10606 Migrate standard users to PI Vision and browser-based access to PI System data.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "CVE-2020-10608 Restrict network connections from PI client workstations to trusted AF servers (TCP Port 5457).", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "CVE-2020-10606 Disable unused PI Buffering services from PI client workstations (PI Buffer Subsystem, PI Buffer Server).", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "CVE-2019-10768, CVE-2020-10600, CVE-2020-10614 Limit write access to PI Vision displays to trusted users.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "The following measures can be used to lower the potential impact of exploitation:", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "CVE-2020-10610 and CVE-2020-10608 Deploy application whitelisting solutions with enforcement for approved DLLs:", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "For a list of PI System firewall port requirements, see knowledge base article KB01162 - Firewall Port Requirements.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=KB01162", }, { category: "vendor_fix", details: "CVE-2020-10604, CVE-2020-10602, CVE-2020-10600 Fully configure Windows authentication for the PI System and disable legacy authentication methods. For a starting point on PI System security best practices, see knowledge base article KB00833 - Seven best practices for securing your PI Server.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], }, { category: "vendor_fix", details: "For more information and workaround details for these vulnerabilities, please refer to OSIsoft 's Security Bulletin (registration required): OSIsoft Updates PI System and Common Components.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027554", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], }, ], }, { cve: "CVE-2020-10608", cwe: { id: "CWE-347", name: "Improper Verification of Cryptographic Signature", }, notes: [ { category: "summary", text: "A local attacker can plant a binary and bypass a code integrity check for loading PI System libraries. This exploitation can target another local user of PI System software on the computer to escalate privilege and result in unauthorized information disclosure, deletion, or modification.CVE-2020-10608 has been assigned to this vulnerability. A CVSS v3 base score of 7.8 has been assigned; the CVSS vector string is (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).", title: "Vulnerability Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-10608", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", }, ], remediations: [ { category: "vendor_fix", details: "OSIsoft provides the following security updates to mitigate the reported vulnerabilities:", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "OSIsoft reports further action should be taken after applying the security updates. Remove PI Asset Framework (AF) Client .NET 3.5 after verifying OSIsoft products that include the PI AF Client, such as PI ProcessBook, PI DataLink and other PI System desktop applications have been upgraded to 2015 (as well as later versions) in order to eliminate exposure to CVE-2020-10608.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "For PI System servers and interface nodes that are normally unattended, limit console and remote desktop logon access to authorized administrators.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "Individual updates for core PI System components are available. Additionally, the following OSIsoft product installation kits have been re-released to automatically deliver the updated components: ", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "Client", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "Server", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "Connectors", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "OSIsoft reports not all products have been rebundled to include the affected update.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "Contact OSIsoft support for guidance on products missing that use affected components that are missing from the currently available releases.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "CVE-2020-10610 Manage permissions on HKLM\\Software\\PISystem and HKLM\\WOW6432Node\\Software\\PISystem registry keys to block a high impact exploit path. See OSIsoft customer portal knowledge article PI System Registry Security Recommendations for details on setting registry permissions.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000026046", }, { category: "vendor_fix", details: "CVE-2019-18244 Provision and use domain Group Managed Service Accounts or use the default NetworkService account to run PI Vision AppPools. There is no exposure to this vulnerability when using either of these account types. To limit exposure in case standard domain account is used to run PI Vision AppPools, remove the password entry from the setup log files immediately.\nOSIsoft reports the following measures can be used to lower likelihood of exploitation:", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "CVE-2020-10610, CVE-2020-10608, CVE-2020-10606 Migrate standard users to PI Vision and browser-based access to PI System data.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "CVE-2020-10608 Restrict network connections from PI client workstations to trusted AF servers (TCP Port 5457).", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "CVE-2020-10606 Disable unused PI Buffering services from PI client workstations (PI Buffer Subsystem, PI Buffer Server).", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "CVE-2019-10768, CVE-2020-10600, CVE-2020-10614 Limit write access to PI Vision displays to trusted users.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "The following measures can be used to lower the potential impact of exploitation:", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "CVE-2020-10610 and CVE-2020-10608 Deploy application whitelisting solutions with enforcement for approved DLLs:", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "For a list of PI System firewall port requirements, see knowledge base article KB01162 - Firewall Port Requirements.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=KB01162", }, { category: "vendor_fix", details: "CVE-2020-10604, CVE-2020-10602, CVE-2020-10600 Fully configure Windows authentication for the PI System and disable legacy authentication methods. For a starting point on PI System security best practices, see knowledge base article KB00833 - Seven best practices for securing your PI Server.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], }, { category: "vendor_fix", details: "For more information and workaround details for these vulnerabilities, please refer to OSIsoft 's Security Bulletin (registration required): OSIsoft Updates PI System and Common Components.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027554", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], }, ], }, { cve: "CVE-2020-10606", cwe: { id: "CWE-276", name: "Incorrect Default Permissions", }, notes: [ { category: "summary", text: "A local attacker can exploit incorrect permissions set by affected PI System software. This exploitation can result in unauthorized information disclosure, deletion, or modification if the local computer also processes PI System data from other users, such as from a shared workstation or terminal server deployment.CVE-2020-10606 has been assigned to this vulnerability. A CVSS v3 base score of 7.8 has been assigned; the CVSS vector string is (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).", title: "Vulnerability Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-10606", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", }, ], remediations: [ { category: "vendor_fix", details: "OSIsoft provides the following security updates to mitigate the reported vulnerabilities:", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "OSIsoft reports further action should be taken after applying the security updates. Remove PI Asset Framework (AF) Client .NET 3.5 after verifying OSIsoft products that include the PI AF Client, such as PI ProcessBook, PI DataLink and other PI System desktop applications have been upgraded to 2015 (as well as later versions) in order to eliminate exposure to CVE-2020-10608.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "For PI System servers and interface nodes that are normally unattended, limit console and remote desktop logon access to authorized administrators.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "Individual updates for core PI System components are available. Additionally, the following OSIsoft product installation kits have been re-released to automatically deliver the updated components: ", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "Client", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "Server", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "Connectors", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "OSIsoft reports not all products have been rebundled to include the affected update.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "Contact OSIsoft support for guidance on products missing that use affected components that are missing from the currently available releases.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "CVE-2020-10610 Manage permissions on HKLM\\Software\\PISystem and HKLM\\WOW6432Node\\Software\\PISystem registry keys to block a high impact exploit path. See OSIsoft customer portal knowledge article PI System Registry Security Recommendations for details on setting registry permissions.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000026046", }, { category: "vendor_fix", details: "CVE-2019-18244 Provision and use domain Group Managed Service Accounts or use the default NetworkService account to run PI Vision AppPools. There is no exposure to this vulnerability when using either of these account types. To limit exposure in case standard domain account is used to run PI Vision AppPools, remove the password entry from the setup log files immediately.\nOSIsoft reports the following measures can be used to lower likelihood of exploitation:", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "CVE-2020-10610, CVE-2020-10608, CVE-2020-10606 Migrate standard users to PI Vision and browser-based access to PI System data.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "CVE-2020-10608 Restrict network connections from PI client workstations to trusted AF servers (TCP Port 5457).", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "CVE-2020-10606 Disable unused PI Buffering services from PI client workstations (PI Buffer Subsystem, PI Buffer Server).", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "CVE-2019-10768, CVE-2020-10600, CVE-2020-10614 Limit write access to PI Vision displays to trusted users.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "The following measures can be used to lower the potential impact of exploitation:", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "CVE-2020-10610 and CVE-2020-10608 Deploy application whitelisting solutions with enforcement for approved DLLs:", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "For a list of PI System firewall port requirements, see knowledge base article KB01162 - Firewall Port Requirements.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=KB01162", }, { category: "vendor_fix", details: "CVE-2020-10604, CVE-2020-10602, CVE-2020-10600 Fully configure Windows authentication for the PI System and disable legacy authentication methods. For a starting point on PI System security best practices, see knowledge base article KB00833 - Seven best practices for securing your PI Server.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], }, { category: "vendor_fix", details: "For more information and workaround details for these vulnerabilities, please refer to OSIsoft 's Security Bulletin (registration required): OSIsoft Updates PI System and Common Components.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027554", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], }, ], }, { cve: "CVE-2020-10604", cwe: { id: "CWE-248", name: "Uncaught Exception", }, notes: [ { category: "summary", text: "A remote, unauthenticated attacker could crash PI Network Manager service through specially crafted requests. This can result in blocking connections and queries to PI Data Archive.CVE-2020-10604 has been assigned to this vulnerability. A CVSS v3 base score of 7.5 has been assigned; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).", title: "Vulnerability Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-10604", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", }, ], remediations: [ { category: "vendor_fix", details: "OSIsoft provides the following security updates to mitigate the reported vulnerabilities:", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "OSIsoft reports further action should be taken after applying the security updates. Remove PI Asset Framework (AF) Client .NET 3.5 after verifying OSIsoft products that include the PI AF Client, such as PI ProcessBook, PI DataLink and other PI System desktop applications have been upgraded to 2015 (as well as later versions) in order to eliminate exposure to CVE-2020-10608.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "For PI System servers and interface nodes that are normally unattended, limit console and remote desktop logon access to authorized administrators.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "Individual updates for core PI System components are available. Additionally, the following OSIsoft product installation kits have been re-released to automatically deliver the updated components: ", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "Client", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "Server", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "Connectors", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "OSIsoft reports not all products have been rebundled to include the affected update.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "Contact OSIsoft support for guidance on products missing that use affected components that are missing from the currently available releases.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "CVE-2020-10610 Manage permissions on HKLM\\Software\\PISystem and HKLM\\WOW6432Node\\Software\\PISystem registry keys to block a high impact exploit path. See OSIsoft customer portal knowledge article PI System Registry Security Recommendations for details on setting registry permissions.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000026046", }, { category: "vendor_fix", details: "CVE-2019-18244 Provision and use domain Group Managed Service Accounts or use the default NetworkService account to run PI Vision AppPools. There is no exposure to this vulnerability when using either of these account types. To limit exposure in case standard domain account is used to run PI Vision AppPools, remove the password entry from the setup log files immediately.\nOSIsoft reports the following measures can be used to lower likelihood of exploitation:", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "CVE-2020-10610, CVE-2020-10608, CVE-2020-10606 Migrate standard users to PI Vision and browser-based access to PI System data.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "CVE-2020-10608 Restrict network connections from PI client workstations to trusted AF servers (TCP Port 5457).", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "CVE-2020-10606 Disable unused PI Buffering services from PI client workstations (PI Buffer Subsystem, PI Buffer Server).", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "CVE-2019-10768, CVE-2020-10600, CVE-2020-10614 Limit write access to PI Vision displays to trusted users.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "The following measures can be used to lower the potential impact of exploitation:", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "CVE-2020-10610 and CVE-2020-10608 Deploy application whitelisting solutions with enforcement for approved DLLs:", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "For a list of PI System firewall port requirements, see knowledge base article KB01162 - Firewall Port Requirements.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=KB01162", }, { category: "vendor_fix", details: "CVE-2020-10604, CVE-2020-10602, CVE-2020-10600 Fully configure Windows authentication for the PI System and disable legacy authentication methods. For a starting point on PI System security best practices, see knowledge base article KB00833 - Seven best practices for securing your PI Server.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], }, { category: "vendor_fix", details: "For more information and workaround details for these vulnerabilities, please refer to OSIsoft 's Security Bulletin (registration required): OSIsoft Updates PI System and Common Components.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027554", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], }, ], }, { cve: "CVE-2020-10602", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, notes: [ { category: "summary", text: "An authenticated remote attacker could crash PI Network Manager due to a race condition. This can result in blocking connections and queries to PI Data Archive.CVE-2020-10602 has been assigned to this vulnerability. A CVSS v3 base score of 6.5 has been assigned; the CVSS vector string is (AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).", title: "Vulnerability Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-10602", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", }, ], remediations: [ { category: "vendor_fix", details: "OSIsoft provides the following security updates to mitigate the reported vulnerabilities:", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "OSIsoft reports further action should be taken after applying the security updates. Remove PI Asset Framework (AF) Client .NET 3.5 after verifying OSIsoft products that include the PI AF Client, such as PI ProcessBook, PI DataLink and other PI System desktop applications have been upgraded to 2015 (as well as later versions) in order to eliminate exposure to CVE-2020-10608.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "For PI System servers and interface nodes that are normally unattended, limit console and remote desktop logon access to authorized administrators.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "Individual updates for core PI System components are available. Additionally, the following OSIsoft product installation kits have been re-released to automatically deliver the updated components: ", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "Client", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "Server", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "Connectors", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "OSIsoft reports not all products have been rebundled to include the affected update.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "Contact OSIsoft support for guidance on products missing that use affected components that are missing from the currently available releases.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "CVE-2020-10610 Manage permissions on HKLM\\Software\\PISystem and HKLM\\WOW6432Node\\Software\\PISystem registry keys to block a high impact exploit path. See OSIsoft customer portal knowledge article PI System Registry Security Recommendations for details on setting registry permissions.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000026046", }, { category: "vendor_fix", details: "CVE-2019-18244 Provision and use domain Group Managed Service Accounts or use the default NetworkService account to run PI Vision AppPools. There is no exposure to this vulnerability when using either of these account types. To limit exposure in case standard domain account is used to run PI Vision AppPools, remove the password entry from the setup log files immediately.\nOSIsoft reports the following measures can be used to lower likelihood of exploitation:", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "CVE-2020-10610, CVE-2020-10608, CVE-2020-10606 Migrate standard users to PI Vision and browser-based access to PI System data.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "CVE-2020-10608 Restrict network connections from PI client workstations to trusted AF servers (TCP Port 5457).", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "CVE-2020-10606 Disable unused PI Buffering services from PI client workstations (PI Buffer Subsystem, PI Buffer Server).", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "CVE-2019-10768, CVE-2020-10600, CVE-2020-10614 Limit write access to PI Vision displays to trusted users.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "The following measures can be used to lower the potential impact of exploitation:", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "CVE-2020-10610 and CVE-2020-10608 Deploy application whitelisting solutions with enforcement for approved DLLs:", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "For a list of PI System firewall port requirements, see knowledge base article KB01162 - Firewall Port Requirements.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=KB01162", }, { category: "vendor_fix", details: "CVE-2020-10604, CVE-2020-10602, CVE-2020-10600 Fully configure Windows authentication for the PI System and disable legacy authentication methods. For a starting point on PI System security best practices, see knowledge base article KB00833 - Seven best practices for securing your PI Server.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], }, { category: "vendor_fix", details: "For more information and workaround details for these vulnerabilities, please refer to OSIsoft 's Security Bulletin (registration required): OSIsoft Updates PI System and Common Components.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027554", }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], }, ], }, { cve: "CVE-2020-10600", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, notes: [ { category: "summary", text: "An authenticated remote attacker could crash PI Archive Subsystem when the subsystem is working under memory pressure. This can result in blocking queries to PI Data Archive.CVE-2020-10600 has been assigned to this vulnerability. A CVSS v3 base score of 5.9 has been assigned; the CVSS vector string is (AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H).", title: "Vulnerability Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-10600", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H", }, ], remediations: [ { category: "vendor_fix", details: "OSIsoft provides the following security updates to mitigate the reported vulnerabilities:", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "OSIsoft reports further action should be taken after applying the security updates. Remove PI Asset Framework (AF) Client .NET 3.5 after verifying OSIsoft products that include the PI AF Client, such as PI ProcessBook, PI DataLink and other PI System desktop applications have been upgraded to 2015 (as well as later versions) in order to eliminate exposure to CVE-2020-10608.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "For PI System servers and interface nodes that are normally unattended, limit console and remote desktop logon access to authorized administrators.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "Individual updates for core PI System components are available. Additionally, the following OSIsoft product installation kits have been re-released to automatically deliver the updated components: ", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "Client", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "Server", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "Connectors", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "OSIsoft reports not all products have been rebundled to include the affected update.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "Contact OSIsoft support for guidance on products missing that use affected components that are missing from the currently available releases.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "CVE-2020-10610 Manage permissions on HKLM\\Software\\PISystem and HKLM\\WOW6432Node\\Software\\PISystem registry keys to block a high impact exploit path. See OSIsoft customer portal knowledge article PI System Registry Security Recommendations for details on setting registry permissions.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000026046", }, { category: "vendor_fix", details: "CVE-2019-18244 Provision and use domain Group Managed Service Accounts or use the default NetworkService account to run PI Vision AppPools. There is no exposure to this vulnerability when using either of these account types. To limit exposure in case standard domain account is used to run PI Vision AppPools, remove the password entry from the setup log files immediately.\nOSIsoft reports the following measures can be used to lower likelihood of exploitation:", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "CVE-2020-10610, CVE-2020-10608, CVE-2020-10606 Migrate standard users to PI Vision and browser-based access to PI System data.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "CVE-2020-10608 Restrict network connections from PI client workstations to trusted AF servers (TCP Port 5457).", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "CVE-2020-10606 Disable unused PI Buffering services from PI client workstations (PI Buffer Subsystem, PI Buffer Server).", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "CVE-2019-10768, CVE-2020-10600, CVE-2020-10614 Limit write access to PI Vision displays to trusted users.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "The following measures can be used to lower the potential impact of exploitation:", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "CVE-2020-10610 and CVE-2020-10608 Deploy application whitelisting solutions with enforcement for approved DLLs:", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "For a list of PI System firewall port requirements, see knowledge base article KB01162 - Firewall Port Requirements.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=KB01162", }, { category: "vendor_fix", details: "CVE-2020-10604, CVE-2020-10602, CVE-2020-10600 Fully configure Windows authentication for the PI System and disable legacy authentication methods. For a starting point on PI System security best practices, see knowledge base article KB00833 - Seven best practices for securing your PI Server.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], }, { category: "vendor_fix", details: "For more information and workaround details for these vulnerabilities, please refer to OSIsoft 's Security Bulletin (registration required): OSIsoft Updates PI System and Common Components.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027554", }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H", version: "3.0", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], }, ], }, { cve: "CVE-2019-10768", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "summary", text: "An authenticated remote attacker could add or modify internal object properties, resulting in undefined behavior.CVE-2019-10768 and CVE-2019-11358 has been assigned to this vulnerability. A CVSS v3 base score of 7.5 has been assigned; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N).", title: "Vulnerability Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-10768", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", }, ], remediations: [ { category: "vendor_fix", details: "OSIsoft provides the following security updates to mitigate the reported vulnerabilities:", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "OSIsoft reports further action should be taken after applying the security updates. Remove PI Asset Framework (AF) Client .NET 3.5 after verifying OSIsoft products that include the PI AF Client, such as PI ProcessBook, PI DataLink and other PI System desktop applications have been upgraded to 2015 (as well as later versions) in order to eliminate exposure to CVE-2020-10608.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "For PI System servers and interface nodes that are normally unattended, limit console and remote desktop logon access to authorized administrators.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "Individual updates for core PI System components are available. Additionally, the following OSIsoft product installation kits have been re-released to automatically deliver the updated components: ", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "Client", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "Server", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "Connectors", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "OSIsoft reports not all products have been rebundled to include the affected update.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "Contact OSIsoft support for guidance on products missing that use affected components that are missing from the currently available releases.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "CVE-2020-10610 Manage permissions on HKLM\\Software\\PISystem and HKLM\\WOW6432Node\\Software\\PISystem registry keys to block a high impact exploit path. See OSIsoft customer portal knowledge article PI System Registry Security Recommendations for details on setting registry permissions.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000026046", }, { category: "vendor_fix", details: "CVE-2019-18244 Provision and use domain Group Managed Service Accounts or use the default NetworkService account to run PI Vision AppPools. There is no exposure to this vulnerability when using either of these account types. To limit exposure in case standard domain account is used to run PI Vision AppPools, remove the password entry from the setup log files immediately.\nOSIsoft reports the following measures can be used to lower likelihood of exploitation:", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "CVE-2020-10610, CVE-2020-10608, CVE-2020-10606 Migrate standard users to PI Vision and browser-based access to PI System data.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "CVE-2020-10608 Restrict network connections from PI client workstations to trusted AF servers (TCP Port 5457).", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "CVE-2020-10606 Disable unused PI Buffering services from PI client workstations (PI Buffer Subsystem, PI Buffer Server).", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "CVE-2019-10768, CVE-2020-10600, CVE-2020-10614 Limit write access to PI Vision displays to trusted users.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "The following measures can be used to lower the potential impact of exploitation:", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "CVE-2020-10610 and CVE-2020-10608 Deploy application whitelisting solutions with enforcement for approved DLLs:", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "For a list of PI System firewall port requirements, see knowledge base article KB01162 - Firewall Port Requirements.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=KB01162", }, { category: "vendor_fix", details: "CVE-2020-10604, CVE-2020-10602, CVE-2020-10600 Fully configure Windows authentication for the PI System and disable legacy authentication methods. For a starting point on PI System security best practices, see knowledge base article KB00833 - Seven best practices for securing your PI Server.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], }, { category: "vendor_fix", details: "For more information and workaround details for these vulnerabilities, please refer to OSIsoft 's Security Bulletin (registration required): OSIsoft Updates PI System and Common Components.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027554", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.0", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], }, ], }, { cve: "CVE-2020-10643", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, notes: [ { category: "summary", text: "An authenticated remote attacker could use specially crafted URLs to send a victim using PI Vision mobile to a vulnerable webpage due to a known issue in a third-party component.CVE-2020-10643 has been assigned to this vulnerability. A CVSS v3 base score of 6.5 has been assigned; the CVSS vector string is (AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N).", title: "Vulnerability Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-10643", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", }, ], remediations: [ { category: "vendor_fix", details: "OSIsoft provides the following security updates to mitigate the reported vulnerabilities:", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "OSIsoft reports further action should be taken after applying the security updates. Remove PI Asset Framework (AF) Client .NET 3.5 after verifying OSIsoft products that include the PI AF Client, such as PI ProcessBook, PI DataLink and other PI System desktop applications have been upgraded to 2015 (as well as later versions) in order to eliminate exposure to CVE-2020-10608.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "For PI System servers and interface nodes that are normally unattended, limit console and remote desktop logon access to authorized administrators.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "Individual updates for core PI System components are available. Additionally, the following OSIsoft product installation kits have been re-released to automatically deliver the updated components: ", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "Client", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "Server", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "Connectors", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "OSIsoft reports not all products have been rebundled to include the affected update.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "Contact OSIsoft support for guidance on products missing that use affected components that are missing from the currently available releases.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "CVE-2020-10610 Manage permissions on HKLM\\Software\\PISystem and HKLM\\WOW6432Node\\Software\\PISystem registry keys to block a high impact exploit path. See OSIsoft customer portal knowledge article PI System Registry Security Recommendations for details on setting registry permissions.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000026046", }, { category: "vendor_fix", details: "CVE-2019-18244 Provision and use domain Group Managed Service Accounts or use the default NetworkService account to run PI Vision AppPools. There is no exposure to this vulnerability when using either of these account types. To limit exposure in case standard domain account is used to run PI Vision AppPools, remove the password entry from the setup log files immediately.\nOSIsoft reports the following measures can be used to lower likelihood of exploitation:", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "CVE-2020-10610, CVE-2020-10608, CVE-2020-10606 Migrate standard users to PI Vision and browser-based access to PI System data.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "CVE-2020-10608 Restrict network connections from PI client workstations to trusted AF servers (TCP Port 5457).", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "CVE-2020-10606 Disable unused PI Buffering services from PI client workstations (PI Buffer Subsystem, PI Buffer Server).", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "CVE-2019-10768, CVE-2020-10600, CVE-2020-10614 Limit write access to PI Vision displays to trusted users.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "The following measures can be used to lower the potential impact of exploitation:", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "CVE-2020-10610 and CVE-2020-10608 Deploy application whitelisting solutions with enforcement for approved DLLs:", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "For a list of PI System firewall port requirements, see knowledge base article KB01162 - Firewall Port Requirements.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=KB01162", }, { category: "vendor_fix", details: "CVE-2020-10604, CVE-2020-10602, CVE-2020-10600 Fully configure Windows authentication for the PI System and disable legacy authentication methods. For a starting point on PI System security best practices, see knowledge base article KB00833 - Seven best practices for securing your PI Server.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], }, { category: "vendor_fix", details: "For more information and workaround details for these vulnerabilities, please refer to OSIsoft 's Security Bulletin (registration required): OSIsoft Updates PI System and Common Components.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027554", }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], }, ], }, { cve: "CVE-2020-10614", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, notes: [ { category: "summary", text: "An authenticated remote attacker with write access to PI Vision databases could inject code into a display. Unauthorized information disclosure, deletion, or modification is possible if a victim views the infected display.CVE-2020-10614 has been assigned to this vulnerability. A CVSS v3 base score of 6.4 has been assigned; the CVSS vector string is (AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:L/A:H).", title: "Vulnerability Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-10614", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:L/A:H", }, ], remediations: [ { category: "vendor_fix", details: "OSIsoft provides the following security updates to mitigate the reported vulnerabilities:", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "OSIsoft reports further action should be taken after applying the security updates. Remove PI Asset Framework (AF) Client .NET 3.5 after verifying OSIsoft products that include the PI AF Client, such as PI ProcessBook, PI DataLink and other PI System desktop applications have been upgraded to 2015 (as well as later versions) in order to eliminate exposure to CVE-2020-10608.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "For PI System servers and interface nodes that are normally unattended, limit console and remote desktop logon access to authorized administrators.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "Individual updates for core PI System components are available. Additionally, the following OSIsoft product installation kits have been re-released to automatically deliver the updated components: ", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "Client", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "Server", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "Connectors", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "OSIsoft reports not all products have been rebundled to include the affected update.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "Contact OSIsoft support for guidance on products missing that use affected components that are missing from the currently available releases.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "CVE-2020-10610 Manage permissions on HKLM\\Software\\PISystem and HKLM\\WOW6432Node\\Software\\PISystem registry keys to block a high impact exploit path. See OSIsoft customer portal knowledge article PI System Registry Security Recommendations for details on setting registry permissions.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000026046", }, { category: "vendor_fix", details: "CVE-2019-18244 Provision and use domain Group Managed Service Accounts or use the default NetworkService account to run PI Vision AppPools. There is no exposure to this vulnerability when using either of these account types. To limit exposure in case standard domain account is used to run PI Vision AppPools, remove the password entry from the setup log files immediately.\nOSIsoft reports the following measures can be used to lower likelihood of exploitation:", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "CVE-2020-10610, CVE-2020-10608, CVE-2020-10606 Migrate standard users to PI Vision and browser-based access to PI System data.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "CVE-2020-10608 Restrict network connections from PI client workstations to trusted AF servers (TCP Port 5457).", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "CVE-2020-10606 Disable unused PI Buffering services from PI client workstations (PI Buffer Subsystem, PI Buffer Server).", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "CVE-2019-10768, CVE-2020-10600, CVE-2020-10614 Limit write access to PI Vision displays to trusted users.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "The following measures can be used to lower the potential impact of exploitation:", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "CVE-2020-10610 and CVE-2020-10608 Deploy application whitelisting solutions with enforcement for approved DLLs:", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "For a list of PI System firewall port requirements, see knowledge base article KB01162 - Firewall Port Requirements.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=KB01162", }, { category: "vendor_fix", details: "CVE-2020-10604, CVE-2020-10602, CVE-2020-10600 Fully configure Windows authentication for the PI System and disable legacy authentication methods. For a starting point on PI System security best practices, see knowledge base article KB00833 - Seven best practices for securing your PI Server.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], }, { category: "vendor_fix", details: "For more information and workaround details for these vulnerabilities, please refer to OSIsoft 's Security Bulletin (registration required): OSIsoft Updates PI System and Common Components.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027554", }, ], scores: [ { cvss_v3: { baseScore: 6.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:L/A:H", version: "3.0", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], }, ], }, { cve: "CVE-2019-18244", cwe: { id: "CWE-532", name: "Insertion of Sensitive Information into Log File", }, notes: [ { category: "summary", text: "A local attacker could view sensitive information in log files when service accounts are customized during installation or upgrade of PI Vision. The update fixes a previously reported issue.CVE-2019-18244 has been assigned to this vulnerability. A CVSS v3 base score of 5.1 has been assigned; the CVSS vector string is (AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N).", title: "Vulnerability Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-18244", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", }, ], remediations: [ { category: "vendor_fix", details: "OSIsoft provides the following security updates to mitigate the reported vulnerabilities:", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "OSIsoft reports further action should be taken after applying the security updates. Remove PI Asset Framework (AF) Client .NET 3.5 after verifying OSIsoft products that include the PI AF Client, such as PI ProcessBook, PI DataLink and other PI System desktop applications have been upgraded to 2015 (as well as later versions) in order to eliminate exposure to CVE-2020-10608.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "For PI System servers and interface nodes that are normally unattended, limit console and remote desktop logon access to authorized administrators.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "Individual updates for core PI System components are available. Additionally, the following OSIsoft product installation kits have been re-released to automatically deliver the updated components: ", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "Client", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "Server", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "Connectors", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "OSIsoft reports not all products have been rebundled to include the affected update.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "Contact OSIsoft support for guidance on products missing that use affected components that are missing from the currently available releases.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "CVE-2020-10610 Manage permissions on HKLM\\Software\\PISystem and HKLM\\WOW6432Node\\Software\\PISystem registry keys to block a high impact exploit path. See OSIsoft customer portal knowledge article PI System Registry Security Recommendations for details on setting registry permissions.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000026046", }, { category: "vendor_fix", details: "CVE-2019-18244 Provision and use domain Group Managed Service Accounts or use the default NetworkService account to run PI Vision AppPools. There is no exposure to this vulnerability when using either of these account types. To limit exposure in case standard domain account is used to run PI Vision AppPools, remove the password entry from the setup log files immediately.\nOSIsoft reports the following measures can be used to lower likelihood of exploitation:", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "CVE-2020-10610, CVE-2020-10608, CVE-2020-10606 Migrate standard users to PI Vision and browser-based access to PI System data.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "CVE-2020-10608 Restrict network connections from PI client workstations to trusted AF servers (TCP Port 5457).", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "CVE-2020-10606 Disable unused PI Buffering services from PI client workstations (PI Buffer Subsystem, PI Buffer Server).", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "CVE-2019-10768, CVE-2020-10600, CVE-2020-10614 Limit write access to PI Vision displays to trusted users.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "The following measures can be used to lower the potential impact of exploitation:", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "CVE-2020-10610 and CVE-2020-10608 Deploy application whitelisting solutions with enforcement for approved DLLs:", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "For a list of PI System firewall port requirements, see knowledge base article KB01162 - Firewall Port Requirements.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=KB01162", }, { category: "vendor_fix", details: "CVE-2020-10604, CVE-2020-10602, CVE-2020-10600 Fully configure Windows authentication for the PI System and disable legacy authentication methods. For a starting point on PI System security best practices, see knowledge base article KB00833 - Seven best practices for securing your PI Server.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], }, { category: "vendor_fix", details: "For more information and workaround details for these vulnerabilities, please refer to OSIsoft 's Security Bulletin (registration required): OSIsoft Updates PI System and Common Components.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027554", }, ], scores: [ { cvss_v3: { baseScore: 5.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], }, ], }, ], }
ICSA-20-133-02
Vulnerability from csaf_cisa
Published
2020-05-12 00:00
Modified
2020-06-09 00:00
Summary
OSIsoft PI System (Update A)
Notes
CISA Disclaimer
This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov
Legal Notice
All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.
Risk evaluation
Successful exploitation of these vulnerabilities could allow an attacker to access unauthorized information, delete or modify local processes, and crash the affected device.
Critical infrastructure sectors
Multiple Sectors
Countries/areas deployed
Worldwide
Company headquarters location
United States
Recommended Practices
CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
CISA also provides a section for control systems security recommended practices on the ICS webpage onus-cert.gov. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices
Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on us-cert.gov in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.
Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.
Exploitability
No known public exploits specifically target these vulnerabilities.
{ document: { acknowledgments: [ { names: [ "William Knowles", ], organization: "Applied Risk", summary: "reporting vulnerabilities to CISA", }, { organization: "OSIsoft", summary: "reporting vulnerabilities to CISA", }, ], category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Disclosure is not limited", tlp: { label: "WHITE", url: "https://us-cert.cisa.gov/tlp/", }, }, lang: "en-US", notes: [ { category: "general", text: "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov", title: "CISA Disclaimer", }, { category: "legal_disclaimer", text: "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.", title: "Legal Notice", }, { category: "summary", text: "Successful exploitation of these vulnerabilities could allow an attacker to access unauthorized information, delete or modify local processes, and crash the affected device.", title: "Risk evaluation", }, { category: "other", text: "Multiple Sectors", title: "Critical infrastructure sectors", }, { category: "other", text: "Worldwide", title: "Countries/areas deployed", }, { category: "other", text: "United States", title: "Company headquarters location", }, { category: "general", text: "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.\nCISA also provides a section for control systems security recommended practices on the ICS webpage onus-cert.gov. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.", title: "Recommended Practices", }, { category: "general", text: "Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on us-cert.gov in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.\nOrganizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.", title: "Recommended Practices", }, { category: "other", text: "No known public exploits specifically target these vulnerabilities.", title: "Exploitability", }, ], publisher: { category: "coordinator", contact_details: "Email: CISAservicedesk@cisa.dhs.gov;\n Toll Free: 1-888-282-0870", name: "CISA", namespace: "https://www.cisa.gov/", }, references: [ { category: "self", summary: "ICS Advisory ICSA-20-133-02 JSON", url: "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2020/icsa-20-133-02.json", }, { category: "self", summary: "ICS Advisory ICSA-20-133-02 Web Version", url: "https://www.cisa.gov/news-events/ics-advisories/icsa-20-133-02", }, { category: "external", summary: "Recommended Practices", url: "https://www.us-cert.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf", }, { category: "external", summary: "Recommended Practices", url: "https://www.us-cert.gov/ics/tips/ICS-TIP-12-146-01B", }, ], title: "OSIsoft PI System (Update A)", tracking: { current_release_date: "2020-06-09T00:00:00.000000Z", generator: { engine: { name: "CISA CSAF Generator", version: "1.0.0", }, }, id: "ICSA-20-133-02", initial_release_date: "2020-05-12T00:00:00.000000Z", revision_history: [ { date: "2020-05-12T00:00:00.000000Z", legacy_version: "Initial", number: "1", summary: "ICSA-20-133-02 OSIsoft PI System", }, { date: "2020-06-09T00:00:00.000000Z", legacy_version: "A", number: "2", summary: "ICSA-20-133-02 OSIsoft PI System (Update A)", }, ], status: "final", version: "2", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version_range", name: "<= 1.2.0.6", product: { name: "PI Connector for BACnet: versions prior to and including 1.2.0.6", product_id: "CSAFPID-0001", }, }, ], category: "product_name", name: "PI Connector for BACnet", }, { branches: [ { category: "product_version_range", name: "<= 2.0.2.5", product: { name: "PI API for Windows Integrated Security: versions prior to and including 2.0.2.5", product_id: "CSAFPID-0002", }, }, ], category: "product_name", name: "PI API for Windows Integrated Security", }, { branches: [ { category: "product_version_range", name: "<= PI SDK 2018 SP1 Version 1.4.7.602", product: { name: "Applications using PI Software Development Kit (SDK): versions prior to and including PI SDK 2018 SP1 Version 1.4.7.602", product_id: "CSAFPID-0003", }, }, ], category: "product_name", name: "Applications using PI Software Development Kit (SDK)", }, { branches: [ { category: "product_version", name: "2018 | 2018 SP2", product: { name: "PI Data Archive: 2018 and 2018 SP2 only", product_id: "CSAFPID-0004", }, }, ], category: "product_name", name: "PI Data Archive", }, { branches: [ { category: "product_version_range", name: "<= 1.3.1.135", product: { name: "PI Connector for UFL: versions prior to and including 1.3.1.135", product_id: "CSAFPID-0005", }, }, ], category: "product_name", name: "PI Connector for UFL", }, { branches: [ { category: "product_version_range", name: "<= 1.2.1.71", product: { name: "PI Connector for Siemens Simatic PCS 7: versions prior to and including 1.2.1.71", product_id: "CSAFPID-0006", }, }, ], category: "product_name", name: "PI Connector for Siemens Simatic PCS 7", }, { branches: [ { category: "product_version_range", name: "<= 1.4.0.17", product: { name: "PI Connector for CygNet: versions prior to and including 1.4.0.17", product_id: "CSAFPID-0007", }, }, ], category: "product_name", name: "PI Connector for CygNet", }, { branches: [ { category: "product_version_range", name: "<= 1.2.0.42", product: { name: "PI Connector for DC Systems RTscada: versions prior to and including 1.2.0.42", product_id: "CSAFPID-0008", }, }, ], category: "product_name", name: "PI Connector for DC Systems RTscada", }, { branches: [ { category: "product_version_range", name: "<= 1.1.36.0", product: { name: "PI to OCS: versions prior to and including 1.1.36.0", product_id: "CSAFPID-0009", }, }, ], category: "product_name", name: "PI to OCS", }, { branches: [ { category: "product_version_range", name: "<= 1.0.0.54", product: { name: "PI Connector for Ping: versions prior to and including 1.0.0.54", product_id: "CSAFPID-00010", }, }, ], category: "product_name", name: "PI Connector for Ping", }, { branches: [ { category: "product_version_range", name: "<= 2.5.19.0", product: { name: "PI Data Collection Manager: versions prior to and including 2.5.19.0", product_id: "CSAFPID-00011", }, }, ], category: "product_name", name: "PI Data Collection Manager", }, { branches: [ { category: "product_version_range", name: "<= 2018 SP3 Version 3.4.430.460", product: { name: "PI Data Archive: versions prior to and including PI Data Archive 2018 SP3 Version 3.4.430.460", product_id: "CSAFPID-00012", }, }, ], category: "product_name", name: "PI Data Archive", }, { branches: [ { category: "product_version_range", name: "<= 2018 R2 SP1 Version 2.2.0.183", product: { name: "PI Integrator for Business Analytics: versions prior to and including 2018 R2 SP1 Version 2.2.0.183", product_id: "CSAFPID-00013", }, }, ], category: "product_name", name: "PI Integrator for Business Analytics", }, { branches: [ { category: "product_version_range", name: "<= 2017 R2 Patch 1", product: { name: "PI Manual Logger: 2017 R2 Patch 1 and prior", product_id: "CSAFPID-00014", }, }, ], category: "product_name", name: "PI Manual Logger", }, { branches: [ { category: "product_version_range", name: "<= 1.1.0.10", product: { name: "PI Connector for Ethernet/IP: versions prior to and including 1.1.0.10", product_id: "CSAFPID-00015", }, }, ], category: "product_name", name: "PI Connector for Ethernet/IP", }, { branches: [ { category: "product_version_range", name: "<= 1.5.0.88", product: { name: "PI Connector for Wonderware Historian: versions prior to and including 1.5.0.88", product_id: "CSAFPID-00016", }, }, ], category: "product_name", name: "PI Connector for Wonderware Historian", }, { branches: [ { category: "product_version_range", name: "<= 2019", product: { name: "PI Vision 2019: and prior", product_id: "CSAFPID-00017", }, }, ], category: "product_name", name: "PI Vision", }, { branches: [ { category: "product_version_range", name: "<= PI AF Client 2018 SP3 Patch 1 Version 2.10.7.283", product: { name: "Applications using PI Asset Framework (AF) Client: versions prior to and including PI AF Client 2018 SP3 Patch 1 Version 2.10.7.283", product_id: "CSAFPID-00018", }, }, ], category: "product_name", name: "Applications using PI Asset Framework (AF) Client", }, { branches: [ { category: "product_version_range", name: "<= 2018 SP2", product: { name: "PI Data Archive: 2018 SP2 and prior versions", product_id: "CSAFPID-00019", }, }, ], category: "product_name", name: "PI Data Archive", }, { branches: [ { category: "product_version_range", name: "<= 4.1", product: { name: "RtReports: Version 4.1 and prior", product_id: "CSAFPID-00020", }, }, ], category: "product_name", name: "RtReports", }, { branches: [ { category: "product_version_range", name: "<= 1.3.0.130", product: { name: "PI Connector for OPC-UA: versions prior to and including 1.3.0.130", product_id: "CSAFPID-00021", }, }, ], category: "product_name", name: "PI Connector for OPC-UA", }, { branches: [ { category: "product_version_range", name: "<= 2.5.19.0", product: { name: "PI Connector Relay: versions prior to and including 2.5.19.0", product_id: "CSAFPID-00022", }, }, ], category: "product_name", name: "PI Connector Relay", }, { branches: [ { category: "product_version_range", name: "<= 1.2.2.79", product: { name: "PI Connector for IEC 60870-5-104 versions: prior to and including 1.2.2.79", product_id: "CSAFPID-00023", }, }, ], category: "product_name", name: "PI Connector for IEC 60870-5-104 versions", }, { branches: [ { category: "product_version_range", name: "<= 4.8.0.18", product: { name: "PI Buffer Subsystem: versions prior to and including 4.8.0.18", product_id: "CSAFPID-00024", }, }, ], category: "product_name", name: "PI Buffer Subsystem", }, { branches: [ { category: "product_version_range", name: "<= 1.5.0.7", product: { name: "PI Interface Configuration Utility (ICU): versions prior to and including 1.5.0.7", product_id: "CSAFPID-00025", }, }, ], category: "product_name", name: "PI Interface Configuration Utility (ICU)", }, { branches: [ { category: "product_version_range", name: "<= 1.3.0.1", product: { name: "PI Connector for HART-IP: versions prior to and including 1.3.0.1", product_id: "CSAFPID-00026", }, }, ], category: "product_name", name: "PI Connector for HART-IP", }, { branches: [ { category: "product_version_range", name: "<= 2019", product: { name: "PI Vision: 2019 and prior versions", product_id: "CSAFPID-00027", }, }, ], category: "product_name", name: "PI Vision", }, { branches: [ { category: "product_version_range", name: "<= 1.6.8.26", product: { name: "PI API: versions prior to and including 1.6.8.26", product_id: "CSAFPID-00028", }, }, ], category: "product_name", name: "PI API", }, ], category: "vendor", name: "OSIsoft LLC", }, ], }, vulnerabilities: [ { cve: "CVE-2020-10610", cwe: { id: "CWE-427", name: "Uncontrolled Search Path Element", }, notes: [ { category: "summary", text: "A local attacker can modify a search path and plant a binary to exploit the affected PI System software to take control of the local computer at Windows system privilege level, resulting in unauthorized information disclosure, deletion, or modification.CVE-2020-10610 has been assigned to this vulnerability. A CVSS v3 base score of 7.8 has been assigned; the CVSS vector string is (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).", title: "Vulnerability Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-10610", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", }, ], remediations: [ { category: "vendor_fix", details: "OSIsoft provides the following security updates to mitigate the reported vulnerabilities:", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "OSIsoft reports further action should be taken after applying the security updates. Remove PI Asset Framework (AF) Client .NET 3.5 after verifying OSIsoft products that include the PI AF Client, such as PI ProcessBook, PI DataLink and other PI System desktop applications have been upgraded to 2015 (as well as later versions) in order to eliminate exposure to CVE-2020-10608.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "For PI System servers and interface nodes that are normally unattended, limit console and remote desktop logon access to authorized administrators.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "Individual updates for core PI System components are available. Additionally, the following OSIsoft product installation kits have been re-released to automatically deliver the updated components: ", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "Client", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "Server", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "Connectors", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "OSIsoft reports not all products have been rebundled to include the affected update.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "Contact OSIsoft support for guidance on products missing that use affected components that are missing from the currently available releases.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "CVE-2020-10610 Manage permissions on HKLM\\Software\\PISystem and HKLM\\WOW6432Node\\Software\\PISystem registry keys to block a high impact exploit path. See OSIsoft customer portal knowledge article PI System Registry Security Recommendations for details on setting registry permissions.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000026046", }, { category: "vendor_fix", details: "CVE-2019-18244 Provision and use domain Group Managed Service Accounts or use the default NetworkService account to run PI Vision AppPools. There is no exposure to this vulnerability when using either of these account types. To limit exposure in case standard domain account is used to run PI Vision AppPools, remove the password entry from the setup log files immediately.\nOSIsoft reports the following measures can be used to lower likelihood of exploitation:", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "CVE-2020-10610, CVE-2020-10608, CVE-2020-10606 Migrate standard users to PI Vision and browser-based access to PI System data.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "CVE-2020-10608 Restrict network connections from PI client workstations to trusted AF servers (TCP Port 5457).", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "CVE-2020-10606 Disable unused PI Buffering services from PI client workstations (PI Buffer Subsystem, PI Buffer Server).", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "CVE-2019-10768, CVE-2020-10600, CVE-2020-10614 Limit write access to PI Vision displays to trusted users.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "The following measures can be used to lower the potential impact of exploitation:", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "CVE-2020-10610 and CVE-2020-10608 Deploy application whitelisting solutions with enforcement for approved DLLs:", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "For a list of PI System firewall port requirements, see knowledge base article KB01162 - Firewall Port Requirements.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=KB01162", }, { category: "vendor_fix", details: "CVE-2020-10604, CVE-2020-10602, CVE-2020-10600 Fully configure Windows authentication for the PI System and disable legacy authentication methods. For a starting point on PI System security best practices, see knowledge base article KB00833 - Seven best practices for securing your PI Server.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], }, { category: "vendor_fix", details: "For more information and workaround details for these vulnerabilities, please refer to OSIsoft 's Security Bulletin (registration required): OSIsoft Updates PI System and Common Components.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027554", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], }, ], }, { cve: "CVE-2020-10608", cwe: { id: "CWE-347", name: "Improper Verification of Cryptographic Signature", }, notes: [ { category: "summary", text: "A local attacker can plant a binary and bypass a code integrity check for loading PI System libraries. This exploitation can target another local user of PI System software on the computer to escalate privilege and result in unauthorized information disclosure, deletion, or modification.CVE-2020-10608 has been assigned to this vulnerability. A CVSS v3 base score of 7.8 has been assigned; the CVSS vector string is (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).", title: "Vulnerability Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-10608", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", }, ], remediations: [ { category: "vendor_fix", details: "OSIsoft provides the following security updates to mitigate the reported vulnerabilities:", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "OSIsoft reports further action should be taken after applying the security updates. Remove PI Asset Framework (AF) Client .NET 3.5 after verifying OSIsoft products that include the PI AF Client, such as PI ProcessBook, PI DataLink and other PI System desktop applications have been upgraded to 2015 (as well as later versions) in order to eliminate exposure to CVE-2020-10608.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "For PI System servers and interface nodes that are normally unattended, limit console and remote desktop logon access to authorized administrators.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "Individual updates for core PI System components are available. Additionally, the following OSIsoft product installation kits have been re-released to automatically deliver the updated components: ", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "Client", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "Server", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "Connectors", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "OSIsoft reports not all products have been rebundled to include the affected update.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "Contact OSIsoft support for guidance on products missing that use affected components that are missing from the currently available releases.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "CVE-2020-10610 Manage permissions on HKLM\\Software\\PISystem and HKLM\\WOW6432Node\\Software\\PISystem registry keys to block a high impact exploit path. See OSIsoft customer portal knowledge article PI System Registry Security Recommendations for details on setting registry permissions.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000026046", }, { category: "vendor_fix", details: "CVE-2019-18244 Provision and use domain Group Managed Service Accounts or use the default NetworkService account to run PI Vision AppPools. There is no exposure to this vulnerability when using either of these account types. To limit exposure in case standard domain account is used to run PI Vision AppPools, remove the password entry from the setup log files immediately.\nOSIsoft reports the following measures can be used to lower likelihood of exploitation:", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "CVE-2020-10610, CVE-2020-10608, CVE-2020-10606 Migrate standard users to PI Vision and browser-based access to PI System data.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "CVE-2020-10608 Restrict network connections from PI client workstations to trusted AF servers (TCP Port 5457).", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "CVE-2020-10606 Disable unused PI Buffering services from PI client workstations (PI Buffer Subsystem, PI Buffer Server).", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "CVE-2019-10768, CVE-2020-10600, CVE-2020-10614 Limit write access to PI Vision displays to trusted users.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "The following measures can be used to lower the potential impact of exploitation:", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "CVE-2020-10610 and CVE-2020-10608 Deploy application whitelisting solutions with enforcement for approved DLLs:", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "For a list of PI System firewall port requirements, see knowledge base article KB01162 - Firewall Port Requirements.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=KB01162", }, { category: "vendor_fix", details: "CVE-2020-10604, CVE-2020-10602, CVE-2020-10600 Fully configure Windows authentication for the PI System and disable legacy authentication methods. For a starting point on PI System security best practices, see knowledge base article KB00833 - Seven best practices for securing your PI Server.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], }, { category: "vendor_fix", details: "For more information and workaround details for these vulnerabilities, please refer to OSIsoft 's Security Bulletin (registration required): OSIsoft Updates PI System and Common Components.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027554", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], }, ], }, { cve: "CVE-2020-10606", cwe: { id: "CWE-276", name: "Incorrect Default Permissions", }, notes: [ { category: "summary", text: "A local attacker can exploit incorrect permissions set by affected PI System software. This exploitation can result in unauthorized information disclosure, deletion, or modification if the local computer also processes PI System data from other users, such as from a shared workstation or terminal server deployment.CVE-2020-10606 has been assigned to this vulnerability. A CVSS v3 base score of 7.8 has been assigned; the CVSS vector string is (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).", title: "Vulnerability Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-10606", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", }, ], remediations: [ { category: "vendor_fix", details: "OSIsoft provides the following security updates to mitigate the reported vulnerabilities:", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "OSIsoft reports further action should be taken after applying the security updates. Remove PI Asset Framework (AF) Client .NET 3.5 after verifying OSIsoft products that include the PI AF Client, such as PI ProcessBook, PI DataLink and other PI System desktop applications have been upgraded to 2015 (as well as later versions) in order to eliminate exposure to CVE-2020-10608.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "For PI System servers and interface nodes that are normally unattended, limit console and remote desktop logon access to authorized administrators.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "Individual updates for core PI System components are available. Additionally, the following OSIsoft product installation kits have been re-released to automatically deliver the updated components: ", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "Client", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "Server", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "Connectors", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "OSIsoft reports not all products have been rebundled to include the affected update.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "Contact OSIsoft support for guidance on products missing that use affected components that are missing from the currently available releases.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "CVE-2020-10610 Manage permissions on HKLM\\Software\\PISystem and HKLM\\WOW6432Node\\Software\\PISystem registry keys to block a high impact exploit path. See OSIsoft customer portal knowledge article PI System Registry Security Recommendations for details on setting registry permissions.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000026046", }, { category: "vendor_fix", details: "CVE-2019-18244 Provision and use domain Group Managed Service Accounts or use the default NetworkService account to run PI Vision AppPools. There is no exposure to this vulnerability when using either of these account types. To limit exposure in case standard domain account is used to run PI Vision AppPools, remove the password entry from the setup log files immediately.\nOSIsoft reports the following measures can be used to lower likelihood of exploitation:", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "CVE-2020-10610, CVE-2020-10608, CVE-2020-10606 Migrate standard users to PI Vision and browser-based access to PI System data.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "CVE-2020-10608 Restrict network connections from PI client workstations to trusted AF servers (TCP Port 5457).", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "CVE-2020-10606 Disable unused PI Buffering services from PI client workstations (PI Buffer Subsystem, PI Buffer Server).", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "CVE-2019-10768, CVE-2020-10600, CVE-2020-10614 Limit write access to PI Vision displays to trusted users.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "The following measures can be used to lower the potential impact of exploitation:", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "CVE-2020-10610 and CVE-2020-10608 Deploy application whitelisting solutions with enforcement for approved DLLs:", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "For a list of PI System firewall port requirements, see knowledge base article KB01162 - Firewall Port Requirements.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=KB01162", }, { category: "vendor_fix", details: "CVE-2020-10604, CVE-2020-10602, CVE-2020-10600 Fully configure Windows authentication for the PI System and disable legacy authentication methods. For a starting point on PI System security best practices, see knowledge base article KB00833 - Seven best practices for securing your PI Server.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], }, { category: "vendor_fix", details: "For more information and workaround details for these vulnerabilities, please refer to OSIsoft 's Security Bulletin (registration required): OSIsoft Updates PI System and Common Components.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027554", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], }, ], }, { cve: "CVE-2020-10604", cwe: { id: "CWE-248", name: "Uncaught Exception", }, notes: [ { category: "summary", text: "A remote, unauthenticated attacker could crash PI Network Manager service through specially crafted requests. This can result in blocking connections and queries to PI Data Archive.CVE-2020-10604 has been assigned to this vulnerability. A CVSS v3 base score of 7.5 has been assigned; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).", title: "Vulnerability Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-10604", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", }, ], remediations: [ { category: "vendor_fix", details: "OSIsoft provides the following security updates to mitigate the reported vulnerabilities:", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "OSIsoft reports further action should be taken after applying the security updates. Remove PI Asset Framework (AF) Client .NET 3.5 after verifying OSIsoft products that include the PI AF Client, such as PI ProcessBook, PI DataLink and other PI System desktop applications have been upgraded to 2015 (as well as later versions) in order to eliminate exposure to CVE-2020-10608.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "For PI System servers and interface nodes that are normally unattended, limit console and remote desktop logon access to authorized administrators.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "Individual updates for core PI System components are available. Additionally, the following OSIsoft product installation kits have been re-released to automatically deliver the updated components: ", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "Client", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "Server", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "Connectors", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "OSIsoft reports not all products have been rebundled to include the affected update.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "Contact OSIsoft support for guidance on products missing that use affected components that are missing from the currently available releases.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "CVE-2020-10610 Manage permissions on HKLM\\Software\\PISystem and HKLM\\WOW6432Node\\Software\\PISystem registry keys to block a high impact exploit path. See OSIsoft customer portal knowledge article PI System Registry Security Recommendations for details on setting registry permissions.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000026046", }, { category: "vendor_fix", details: "CVE-2019-18244 Provision and use domain Group Managed Service Accounts or use the default NetworkService account to run PI Vision AppPools. There is no exposure to this vulnerability when using either of these account types. To limit exposure in case standard domain account is used to run PI Vision AppPools, remove the password entry from the setup log files immediately.\nOSIsoft reports the following measures can be used to lower likelihood of exploitation:", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "CVE-2020-10610, CVE-2020-10608, CVE-2020-10606 Migrate standard users to PI Vision and browser-based access to PI System data.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "CVE-2020-10608 Restrict network connections from PI client workstations to trusted AF servers (TCP Port 5457).", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "CVE-2020-10606 Disable unused PI Buffering services from PI client workstations (PI Buffer Subsystem, PI Buffer Server).", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "CVE-2019-10768, CVE-2020-10600, CVE-2020-10614 Limit write access to PI Vision displays to trusted users.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "The following measures can be used to lower the potential impact of exploitation:", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "CVE-2020-10610 and CVE-2020-10608 Deploy application whitelisting solutions with enforcement for approved DLLs:", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "For a list of PI System firewall port requirements, see knowledge base article KB01162 - Firewall Port Requirements.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=KB01162", }, { category: "vendor_fix", details: "CVE-2020-10604, CVE-2020-10602, CVE-2020-10600 Fully configure Windows authentication for the PI System and disable legacy authentication methods. For a starting point on PI System security best practices, see knowledge base article KB00833 - Seven best practices for securing your PI Server.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], }, { category: "vendor_fix", details: "For more information and workaround details for these vulnerabilities, please refer to OSIsoft 's Security Bulletin (registration required): OSIsoft Updates PI System and Common Components.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027554", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], }, ], }, { cve: "CVE-2020-10602", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, notes: [ { category: "summary", text: "An authenticated remote attacker could crash PI Network Manager due to a race condition. This can result in blocking connections and queries to PI Data Archive.CVE-2020-10602 has been assigned to this vulnerability. A CVSS v3 base score of 6.5 has been assigned; the CVSS vector string is (AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).", title: "Vulnerability Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-10602", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", }, ], remediations: [ { category: "vendor_fix", details: "OSIsoft provides the following security updates to mitigate the reported vulnerabilities:", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "OSIsoft reports further action should be taken after applying the security updates. Remove PI Asset Framework (AF) Client .NET 3.5 after verifying OSIsoft products that include the PI AF Client, such as PI ProcessBook, PI DataLink and other PI System desktop applications have been upgraded to 2015 (as well as later versions) in order to eliminate exposure to CVE-2020-10608.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "For PI System servers and interface nodes that are normally unattended, limit console and remote desktop logon access to authorized administrators.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "Individual updates for core PI System components are available. Additionally, the following OSIsoft product installation kits have been re-released to automatically deliver the updated components: ", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "Client", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "Server", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "Connectors", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "OSIsoft reports not all products have been rebundled to include the affected update.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "Contact OSIsoft support for guidance on products missing that use affected components that are missing from the currently available releases.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "CVE-2020-10610 Manage permissions on HKLM\\Software\\PISystem and HKLM\\WOW6432Node\\Software\\PISystem registry keys to block a high impact exploit path. See OSIsoft customer portal knowledge article PI System Registry Security Recommendations for details on setting registry permissions.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000026046", }, { category: "vendor_fix", details: "CVE-2019-18244 Provision and use domain Group Managed Service Accounts or use the default NetworkService account to run PI Vision AppPools. There is no exposure to this vulnerability when using either of these account types. To limit exposure in case standard domain account is used to run PI Vision AppPools, remove the password entry from the setup log files immediately.\nOSIsoft reports the following measures can be used to lower likelihood of exploitation:", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "CVE-2020-10610, CVE-2020-10608, CVE-2020-10606 Migrate standard users to PI Vision and browser-based access to PI System data.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "CVE-2020-10608 Restrict network connections from PI client workstations to trusted AF servers (TCP Port 5457).", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "CVE-2020-10606 Disable unused PI Buffering services from PI client workstations (PI Buffer Subsystem, PI Buffer Server).", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "CVE-2019-10768, CVE-2020-10600, CVE-2020-10614 Limit write access to PI Vision displays to trusted users.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "The following measures can be used to lower the potential impact of exploitation:", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "CVE-2020-10610 and CVE-2020-10608 Deploy application whitelisting solutions with enforcement for approved DLLs:", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "For a list of PI System firewall port requirements, see knowledge base article KB01162 - Firewall Port Requirements.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=KB01162", }, { category: "vendor_fix", details: "CVE-2020-10604, CVE-2020-10602, CVE-2020-10600 Fully configure Windows authentication for the PI System and disable legacy authentication methods. For a starting point on PI System security best practices, see knowledge base article KB00833 - Seven best practices for securing your PI Server.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], }, { category: "vendor_fix", details: "For more information and workaround details for these vulnerabilities, please refer to OSIsoft 's Security Bulletin (registration required): OSIsoft Updates PI System and Common Components.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027554", }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], }, ], }, { cve: "CVE-2020-10600", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, notes: [ { category: "summary", text: "An authenticated remote attacker could crash PI Archive Subsystem when the subsystem is working under memory pressure. This can result in blocking queries to PI Data Archive.CVE-2020-10600 has been assigned to this vulnerability. A CVSS v3 base score of 5.9 has been assigned; the CVSS vector string is (AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H).", title: "Vulnerability Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-10600", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H", }, ], remediations: [ { category: "vendor_fix", details: "OSIsoft provides the following security updates to mitigate the reported vulnerabilities:", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "OSIsoft reports further action should be taken after applying the security updates. Remove PI Asset Framework (AF) Client .NET 3.5 after verifying OSIsoft products that include the PI AF Client, such as PI ProcessBook, PI DataLink and other PI System desktop applications have been upgraded to 2015 (as well as later versions) in order to eliminate exposure to CVE-2020-10608.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "For PI System servers and interface nodes that are normally unattended, limit console and remote desktop logon access to authorized administrators.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "Individual updates for core PI System components are available. Additionally, the following OSIsoft product installation kits have been re-released to automatically deliver the updated components: ", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "Client", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "Server", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "Connectors", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "OSIsoft reports not all products have been rebundled to include the affected update.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "Contact OSIsoft support for guidance on products missing that use affected components that are missing from the currently available releases.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "CVE-2020-10610 Manage permissions on HKLM\\Software\\PISystem and HKLM\\WOW6432Node\\Software\\PISystem registry keys to block a high impact exploit path. See OSIsoft customer portal knowledge article PI System Registry Security Recommendations for details on setting registry permissions.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000026046", }, { category: "vendor_fix", details: "CVE-2019-18244 Provision and use domain Group Managed Service Accounts or use the default NetworkService account to run PI Vision AppPools. There is no exposure to this vulnerability when using either of these account types. To limit exposure in case standard domain account is used to run PI Vision AppPools, remove the password entry from the setup log files immediately.\nOSIsoft reports the following measures can be used to lower likelihood of exploitation:", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "CVE-2020-10610, CVE-2020-10608, CVE-2020-10606 Migrate standard users to PI Vision and browser-based access to PI System data.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "CVE-2020-10608 Restrict network connections from PI client workstations to trusted AF servers (TCP Port 5457).", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "CVE-2020-10606 Disable unused PI Buffering services from PI client workstations (PI Buffer Subsystem, PI Buffer Server).", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "CVE-2019-10768, CVE-2020-10600, CVE-2020-10614 Limit write access to PI Vision displays to trusted users.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "The following measures can be used to lower the potential impact of exploitation:", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "CVE-2020-10610 and CVE-2020-10608 Deploy application whitelisting solutions with enforcement for approved DLLs:", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "For a list of PI System firewall port requirements, see knowledge base article KB01162 - Firewall Port Requirements.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=KB01162", }, { category: "vendor_fix", details: "CVE-2020-10604, CVE-2020-10602, CVE-2020-10600 Fully configure Windows authentication for the PI System and disable legacy authentication methods. For a starting point on PI System security best practices, see knowledge base article KB00833 - Seven best practices for securing your PI Server.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], }, { category: "vendor_fix", details: "For more information and workaround details for these vulnerabilities, please refer to OSIsoft 's Security Bulletin (registration required): OSIsoft Updates PI System and Common Components.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027554", }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H", version: "3.0", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], }, ], }, { cve: "CVE-2019-10768", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "summary", text: "An authenticated remote attacker could add or modify internal object properties, resulting in undefined behavior.CVE-2019-10768 and CVE-2019-11358 has been assigned to this vulnerability. A CVSS v3 base score of 7.5 has been assigned; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N).", title: "Vulnerability Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-10768", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", }, ], remediations: [ { category: "vendor_fix", details: "OSIsoft provides the following security updates to mitigate the reported vulnerabilities:", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "OSIsoft reports further action should be taken after applying the security updates. Remove PI Asset Framework (AF) Client .NET 3.5 after verifying OSIsoft products that include the PI AF Client, such as PI ProcessBook, PI DataLink and other PI System desktop applications have been upgraded to 2015 (as well as later versions) in order to eliminate exposure to CVE-2020-10608.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "For PI System servers and interface nodes that are normally unattended, limit console and remote desktop logon access to authorized administrators.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "Individual updates for core PI System components are available. Additionally, the following OSIsoft product installation kits have been re-released to automatically deliver the updated components: ", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "Client", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "Server", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "Connectors", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "OSIsoft reports not all products have been rebundled to include the affected update.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "Contact OSIsoft support for guidance on products missing that use affected components that are missing from the currently available releases.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "CVE-2020-10610 Manage permissions on HKLM\\Software\\PISystem and HKLM\\WOW6432Node\\Software\\PISystem registry keys to block a high impact exploit path. See OSIsoft customer portal knowledge article PI System Registry Security Recommendations for details on setting registry permissions.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000026046", }, { category: "vendor_fix", details: "CVE-2019-18244 Provision and use domain Group Managed Service Accounts or use the default NetworkService account to run PI Vision AppPools. There is no exposure to this vulnerability when using either of these account types. To limit exposure in case standard domain account is used to run PI Vision AppPools, remove the password entry from the setup log files immediately.\nOSIsoft reports the following measures can be used to lower likelihood of exploitation:", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "CVE-2020-10610, CVE-2020-10608, CVE-2020-10606 Migrate standard users to PI Vision and browser-based access to PI System data.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "CVE-2020-10608 Restrict network connections from PI client workstations to trusted AF servers (TCP Port 5457).", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "CVE-2020-10606 Disable unused PI Buffering services from PI client workstations (PI Buffer Subsystem, PI Buffer Server).", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "CVE-2019-10768, CVE-2020-10600, CVE-2020-10614 Limit write access to PI Vision displays to trusted users.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "The following measures can be used to lower the potential impact of exploitation:", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "CVE-2020-10610 and CVE-2020-10608 Deploy application whitelisting solutions with enforcement for approved DLLs:", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "For a list of PI System firewall port requirements, see knowledge base article KB01162 - Firewall Port Requirements.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=KB01162", }, { category: "vendor_fix", details: "CVE-2020-10604, CVE-2020-10602, CVE-2020-10600 Fully configure Windows authentication for the PI System and disable legacy authentication methods. For a starting point on PI System security best practices, see knowledge base article KB00833 - Seven best practices for securing your PI Server.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], }, { category: "vendor_fix", details: "For more information and workaround details for these vulnerabilities, please refer to OSIsoft 's Security Bulletin (registration required): OSIsoft Updates PI System and Common Components.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027554", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.0", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], }, ], }, { cve: "CVE-2020-10643", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, notes: [ { category: "summary", text: "An authenticated remote attacker could use specially crafted URLs to send a victim using PI Vision mobile to a vulnerable webpage due to a known issue in a third-party component.CVE-2020-10643 has been assigned to this vulnerability. A CVSS v3 base score of 6.5 has been assigned; the CVSS vector string is (AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N).", title: "Vulnerability Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-10643", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", }, ], remediations: [ { category: "vendor_fix", details: "OSIsoft provides the following security updates to mitigate the reported vulnerabilities:", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "OSIsoft reports further action should be taken after applying the security updates. Remove PI Asset Framework (AF) Client .NET 3.5 after verifying OSIsoft products that include the PI AF Client, such as PI ProcessBook, PI DataLink and other PI System desktop applications have been upgraded to 2015 (as well as later versions) in order to eliminate exposure to CVE-2020-10608.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "For PI System servers and interface nodes that are normally unattended, limit console and remote desktop logon access to authorized administrators.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "Individual updates for core PI System components are available. Additionally, the following OSIsoft product installation kits have been re-released to automatically deliver the updated components: ", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "Client", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "Server", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "Connectors", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "OSIsoft reports not all products have been rebundled to include the affected update.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "Contact OSIsoft support for guidance on products missing that use affected components that are missing from the currently available releases.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "CVE-2020-10610 Manage permissions on HKLM\\Software\\PISystem and HKLM\\WOW6432Node\\Software\\PISystem registry keys to block a high impact exploit path. See OSIsoft customer portal knowledge article PI System Registry Security Recommendations for details on setting registry permissions.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000026046", }, { category: "vendor_fix", details: "CVE-2019-18244 Provision and use domain Group Managed Service Accounts or use the default NetworkService account to run PI Vision AppPools. There is no exposure to this vulnerability when using either of these account types. To limit exposure in case standard domain account is used to run PI Vision AppPools, remove the password entry from the setup log files immediately.\nOSIsoft reports the following measures can be used to lower likelihood of exploitation:", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "CVE-2020-10610, CVE-2020-10608, CVE-2020-10606 Migrate standard users to PI Vision and browser-based access to PI System data.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "CVE-2020-10608 Restrict network connections from PI client workstations to trusted AF servers (TCP Port 5457).", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "CVE-2020-10606 Disable unused PI Buffering services from PI client workstations (PI Buffer Subsystem, PI Buffer Server).", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "CVE-2019-10768, CVE-2020-10600, CVE-2020-10614 Limit write access to PI Vision displays to trusted users.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "The following measures can be used to lower the potential impact of exploitation:", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "CVE-2020-10610 and CVE-2020-10608 Deploy application whitelisting solutions with enforcement for approved DLLs:", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "For a list of PI System firewall port requirements, see knowledge base article KB01162 - Firewall Port Requirements.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=KB01162", }, { category: "vendor_fix", details: "CVE-2020-10604, CVE-2020-10602, CVE-2020-10600 Fully configure Windows authentication for the PI System and disable legacy authentication methods. For a starting point on PI System security best practices, see knowledge base article KB00833 - Seven best practices for securing your PI Server.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], }, { category: "vendor_fix", details: "For more information and workaround details for these vulnerabilities, please refer to OSIsoft 's Security Bulletin (registration required): OSIsoft Updates PI System and Common Components.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027554", }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], }, ], }, { cve: "CVE-2020-10614", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, notes: [ { category: "summary", text: "An authenticated remote attacker with write access to PI Vision databases could inject code into a display. Unauthorized information disclosure, deletion, or modification is possible if a victim views the infected display.CVE-2020-10614 has been assigned to this vulnerability. A CVSS v3 base score of 6.4 has been assigned; the CVSS vector string is (AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:L/A:H).", title: "Vulnerability Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-10614", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:L/A:H", }, ], remediations: [ { category: "vendor_fix", details: "OSIsoft provides the following security updates to mitigate the reported vulnerabilities:", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "OSIsoft reports further action should be taken after applying the security updates. Remove PI Asset Framework (AF) Client .NET 3.5 after verifying OSIsoft products that include the PI AF Client, such as PI ProcessBook, PI DataLink and other PI System desktop applications have been upgraded to 2015 (as well as later versions) in order to eliminate exposure to CVE-2020-10608.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "For PI System servers and interface nodes that are normally unattended, limit console and remote desktop logon access to authorized administrators.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "Individual updates for core PI System components are available. Additionally, the following OSIsoft product installation kits have been re-released to automatically deliver the updated components: ", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "Client", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "Server", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "Connectors", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "OSIsoft reports not all products have been rebundled to include the affected update.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "Contact OSIsoft support for guidance on products missing that use affected components that are missing from the currently available releases.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "CVE-2020-10610 Manage permissions on HKLM\\Software\\PISystem and HKLM\\WOW6432Node\\Software\\PISystem registry keys to block a high impact exploit path. See OSIsoft customer portal knowledge article PI System Registry Security Recommendations for details on setting registry permissions.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000026046", }, { category: "vendor_fix", details: "CVE-2019-18244 Provision and use domain Group Managed Service Accounts or use the default NetworkService account to run PI Vision AppPools. There is no exposure to this vulnerability when using either of these account types. To limit exposure in case standard domain account is used to run PI Vision AppPools, remove the password entry from the setup log files immediately.\nOSIsoft reports the following measures can be used to lower likelihood of exploitation:", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "CVE-2020-10610, CVE-2020-10608, CVE-2020-10606 Migrate standard users to PI Vision and browser-based access to PI System data.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "CVE-2020-10608 Restrict network connections from PI client workstations to trusted AF servers (TCP Port 5457).", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "CVE-2020-10606 Disable unused PI Buffering services from PI client workstations (PI Buffer Subsystem, PI Buffer Server).", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "CVE-2019-10768, CVE-2020-10600, CVE-2020-10614 Limit write access to PI Vision displays to trusted users.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "The following measures can be used to lower the potential impact of exploitation:", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "CVE-2020-10610 and CVE-2020-10608 Deploy application whitelisting solutions with enforcement for approved DLLs:", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "For a list of PI System firewall port requirements, see knowledge base article KB01162 - Firewall Port Requirements.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=KB01162", }, { category: "vendor_fix", details: "CVE-2020-10604, CVE-2020-10602, CVE-2020-10600 Fully configure Windows authentication for the PI System and disable legacy authentication methods. For a starting point on PI System security best practices, see knowledge base article KB00833 - Seven best practices for securing your PI Server.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], }, { category: "vendor_fix", details: "For more information and workaround details for these vulnerabilities, please refer to OSIsoft 's Security Bulletin (registration required): OSIsoft Updates PI System and Common Components.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027554", }, ], scores: [ { cvss_v3: { baseScore: 6.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:L/A:H", version: "3.0", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], }, ], }, { cve: "CVE-2019-18244", cwe: { id: "CWE-532", name: "Insertion of Sensitive Information into Log File", }, notes: [ { category: "summary", text: "A local attacker could view sensitive information in log files when service accounts are customized during installation or upgrade of PI Vision. The update fixes a previously reported issue.CVE-2019-18244 has been assigned to this vulnerability. A CVSS v3 base score of 5.1 has been assigned; the CVSS vector string is (AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N).", title: "Vulnerability Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-18244", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", }, ], remediations: [ { category: "vendor_fix", details: "OSIsoft provides the following security updates to mitigate the reported vulnerabilities:", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "OSIsoft reports further action should be taken after applying the security updates. Remove PI Asset Framework (AF) Client .NET 3.5 after verifying OSIsoft products that include the PI AF Client, such as PI ProcessBook, PI DataLink and other PI System desktop applications have been upgraded to 2015 (as well as later versions) in order to eliminate exposure to CVE-2020-10608.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "For PI System servers and interface nodes that are normally unattended, limit console and remote desktop logon access to authorized administrators.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "Individual updates for core PI System components are available. Additionally, the following OSIsoft product installation kits have been re-released to automatically deliver the updated components: ", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "Client", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "Server", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "Connectors", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "OSIsoft reports not all products have been rebundled to include the affected update.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "Contact OSIsoft support for guidance on products missing that use affected components that are missing from the currently available releases.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "CVE-2020-10610 Manage permissions on HKLM\\Software\\PISystem and HKLM\\WOW6432Node\\Software\\PISystem registry keys to block a high impact exploit path. See OSIsoft customer portal knowledge article PI System Registry Security Recommendations for details on setting registry permissions.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000026046", }, { category: "vendor_fix", details: "CVE-2019-18244 Provision and use domain Group Managed Service Accounts or use the default NetworkService account to run PI Vision AppPools. There is no exposure to this vulnerability when using either of these account types. To limit exposure in case standard domain account is used to run PI Vision AppPools, remove the password entry from the setup log files immediately.\nOSIsoft reports the following measures can be used to lower likelihood of exploitation:", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "CVE-2020-10610, CVE-2020-10608, CVE-2020-10606 Migrate standard users to PI Vision and browser-based access to PI System data.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "CVE-2020-10608 Restrict network connections from PI client workstations to trusted AF servers (TCP Port 5457).", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "CVE-2020-10606 Disable unused PI Buffering services from PI client workstations (PI Buffer Subsystem, PI Buffer Server).", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "CVE-2019-10768, CVE-2020-10600, CVE-2020-10614 Limit write access to PI Vision displays to trusted users.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "The following measures can be used to lower the potential impact of exploitation:", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "CVE-2020-10610 and CVE-2020-10608 Deploy application whitelisting solutions with enforcement for approved DLLs:", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027258", }, { category: "vendor_fix", details: "For a list of PI System firewall port requirements, see knowledge base article KB01162 - Firewall Port Requirements.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=KB01162", }, { category: "vendor_fix", details: "CVE-2020-10604, CVE-2020-10602, CVE-2020-10600 Fully configure Windows authentication for the PI System and disable legacy authentication methods. For a starting point on PI System security best practices, see knowledge base article KB00833 - Seven best practices for securing your PI Server.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], }, { category: "vendor_fix", details: "For more information and workaround details for these vulnerabilities, please refer to OSIsoft 's Security Bulletin (registration required): OSIsoft Updates PI System and Common Components.", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], url: "https://customers.osisoft.com/s/knowledgearticle?knowledgeArticleUrl=000027554", }, ], scores: [ { cvss_v3: { baseScore: 5.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", "CSAFPID-00021", "CSAFPID-00022", "CSAFPID-00023", "CSAFPID-00024", "CSAFPID-00025", "CSAFPID-00026", "CSAFPID-00027", "CSAFPID-00028", ], }, ], }, ], }
ghsa-2rq5-3pp8-hc24
Vulnerability from github
Published
2022-05-24 17:24
Modified
2024-04-04 02:55
Severity ?
Details
In OSIsoft PI System multiple products and versions, a local attacker can plant a binary and bypass a code integrity check for loading PI System libraries. This exploitation can target another local user of PI System software on the computer to escalate privilege and result in unauthorized information disclosure, deletion, or modification.
{ affected: [], aliases: [ "CVE-2020-10608", ], database_specific: { cwe_ids: [ "CWE-347", ], github_reviewed: false, github_reviewed_at: null, nvd_published_at: "2020-07-24T23:15:00Z", severity: "HIGH", }, details: "In OSIsoft PI System multiple products and versions, a local attacker can plant a binary and bypass a code integrity check for loading PI System libraries. This exploitation can target another local user of PI System software on the computer to escalate privilege and result in unauthorized information disclosure, deletion, or modification.", id: "GHSA-2rq5-3pp8-hc24", modified: "2024-04-04T02:55:05Z", published: "2022-05-24T17:24:20Z", references: [ { type: "ADVISORY", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-10608", }, { type: "WEB", url: "https://us-cert.cisa.gov/ics/advisories/icsa-20-133-02", }, ], schema_version: "1.4.0", severity: [ { score: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", type: "CVSS_V3", }, ], }
fkie_cve-2020-10608
Vulnerability from fkie_nvd
Published
2020-07-24 23:15
Modified
2024-11-21 04:55
Severity ?
Summary
In OSIsoft PI System multiple products and versions, a local attacker can plant a binary and bypass a code integrity check for loading PI System libraries. This exploitation can target another local user of PI System software on the computer to escalate privilege and result in unauthorized information disclosure, deletion, or modification.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| ics-cert@hq.dhs.gov | https://us-cert.cisa.gov/ics/advisories/icsa-20-133-02 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | https://us-cert.cisa.gov/ics/advisories/icsa-20-133-02 | Third Party Advisory, US Government Resource |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:osisoft:pi_api:*:*:*:*:*:*:*:*", matchCriteriaId: "9D7B554C-447F-4C1B-838F-A6E8F690F6A6", versionEndIncluding: "1.6.8.26", vulnerable: true, }, { criteria: "cpe:2.3:a:osisoft:pi_api:*:*:*:*:*:windows_integrated_security:*:*", matchCriteriaId: "EDCD07A7-9079-444E-8AF0-EDD2CE8CEED4", versionEndIncluding: "2.0.2.5", vulnerable: true, }, { criteria: "cpe:2.3:a:osisoft:pi_buffer_subsystem:*:*:*:*:*:*:*:*", matchCriteriaId: "9A895F35-CC2E-4B74-99E7-5801C4276336", versionEndIncluding: "4.8.0.18", vulnerable: true, }, { criteria: "cpe:2.3:a:osisoft:pi_connector:*:*:*:*:*:ping:*:*", matchCriteriaId: "19394A8B-C47C-4A1C-8D73-B2FAE624B504", versionEndIncluding: "1.0.0.54", vulnerable: true, }, { criteria: "cpe:2.3:a:osisoft:pi_connector:*:*:*:*:*:ethernet\\/ip:*:*", matchCriteriaId: "E0889A10-FEFA-422A-81C6-33595076D5B9", versionEndIncluding: "1.1.0.10", vulnerable: true, }, { criteria: "cpe:2.3:a:osisoft:pi_connector:*:*:*:*:*:bacnet:*:*", matchCriteriaId: "F024275D-CC0D-40A6-8618-B8C2BCAC3453", versionEndIncluding: "1.2.0.6", vulnerable: true, }, { criteria: "cpe:2.3:a:osisoft:pi_connector:*:*:*:*:*:dc_systems_rtscada:*:*", matchCriteriaId: "1634EED8-EE12-4F24-9D79-2108906D5941", versionEndIncluding: "1.2.0.42", vulnerable: true, }, { criteria: "cpe:2.3:a:osisoft:pi_connector:*:*:*:*:*:siemens_simatic_pcs_7:*:*", matchCriteriaId: "3E4CA46D-C31A-4052-B3F1-755DC273D662", versionEndIncluding: "1.2.1.71", vulnerable: true, }, { criteria: "cpe:2.3:a:osisoft:pi_connector:*:*:*:*:*:iec_60870-5-104:*:*", matchCriteriaId: "24376704-9C47-4BE7-AB95-1E5E194AD5A9", versionEndIncluding: "1.2.2.79", vulnerable: true, }, { criteria: "cpe:2.3:a:osisoft:pi_connector:*:*:*:*:*:hart-ip:*:*", matchCriteriaId: "DB0A663F-3C53-43CF-AE8B-C2FD93AE0547", versionEndIncluding: "1.3.0.1", vulnerable: true, }, { criteria: "cpe:2.3:a:osisoft:pi_connector:*:*:*:*:*:opc-ua:*:*", matchCriteriaId: "DC780244-6475-4051-A901-02CF37CD80DC", versionEndIncluding: "1.3.0.130", vulnerable: true, }, { criteria: "cpe:2.3:a:osisoft:pi_connector:*:*:*:*:*:ufl:*:*", matchCriteriaId: "9912030A-5A3C-4254-B440-D3D8C47432A9", versionEndIncluding: "1.3.1.135", vulnerable: true, }, { criteria: "cpe:2.3:a:osisoft:pi_connector:*:*:*:*:*:cygnet:*:*", matchCriteriaId: "56274097-C75B-48BB-AA8A-C1213BCD1F37", versionEndIncluding: "1.4.0.17", vulnerable: true, }, { criteria: "cpe:2.3:a:osisoft:pi_connector:*:*:*:*:*:wonderware_historian:*:*", matchCriteriaId: "EEB864E3-549D-4B2D-B89F-74E2F2454BEC", versionEndIncluding: "1.5.0.88", vulnerable: true, }, { criteria: "cpe:2.3:a:osisoft:pi_connector_relay:*:*:*:*:*:*:*:*", matchCriteriaId: "474D5BE5-759E-4760-A4CC-661019379A47", versionEndIncluding: "2.5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:osisoft:pi_data_archive:*:*:*:*:*:*:*:*", matchCriteriaId: "A918A5B9-40B4-4B00-A9F3-5F2F551447B5", versionEndIncluding: "3.4.430.460", vulnerable: true, }, { criteria: "cpe:2.3:a:osisoft:pi_data_collection_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "C99F2BBE-D5E7-4F6F-B03F-1250F9D31542", versionEndIncluding: "2.5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:osisoft:pi_integrator:*:*:*:*:*:business_analytics:*:*", matchCriteriaId: "31D2D676-90D7-4516-BCDB-86DE0F34B43B", versionEndIncluding: "2.2.0.183", vulnerable: true, }, { criteria: "cpe:2.3:a:osisoft:pi_interface_configuration_utility:*:*:*:*:*:*:*:*", matchCriteriaId: "23B33817-C61B-4369-A5B0-A9CAA6E83C62", versionEndIncluding: "1.5.0.7", vulnerable: true, }, { criteria: "cpe:2.3:a:osisoft:pi_to_ocs:*:*:*:*:*:*:*:*", matchCriteriaId: "A0D626AC-1990-4885-AEEB-8E897D6A9FF9", versionEndIncluding: "1.1.36.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "In OSIsoft PI System multiple products and versions, a local attacker can plant a binary and bypass a code integrity check for loading PI System libraries. This exploitation can target another local user of PI System software on the computer to escalate privilege and result in unauthorized information disclosure, deletion, or modification.", }, { lang: "es", value: "En múltiples productos y versiones de OSIsoft PI System, un atacante local puede plantar un binario y omitir una comprobación de integridad de código para cargar bibliotecas de PI System. Esta explotación puede apuntar a otro usuario local del software PI System en la computadora para escalar privilegios y resultar en una divulgación, eliminación o modificación de información no autorizada", }, ], id: "CVE-2020-10608", lastModified: "2024-11-21T04:55:41.463", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-07-24T23:15:11.877", references: [ { source: "ics-cert@hq.dhs.gov", tags: [ "Third Party Advisory", "US Government Resource", ], url: "https://us-cert.cisa.gov/ics/advisories/icsa-20-133-02", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "US Government Resource", ], url: "https://us-cert.cisa.gov/ics/advisories/icsa-20-133-02", }, ], sourceIdentifier: "ics-cert@hq.dhs.gov", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-347", }, ], source: "ics-cert@hq.dhs.gov", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-347", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
gsd-2020-10608
Vulnerability from gsd
Modified
2023-12-13 01:22
Details
In OSIsoft PI System multiple products and versions, a local attacker can plant a binary and bypass a code integrity check for loading PI System libraries. This exploitation can target another local user of PI System software on the computer to escalate privilege and result in unauthorized information disclosure, deletion, or modification.
Aliases
Aliases
{ GSD: { alias: "CVE-2020-10608", description: "In OSIsoft PI System multiple products and versions, a local attacker can plant a binary and bypass a code integrity check for loading PI System libraries. This exploitation can target another local user of PI System software on the computer to escalate privilege and result in unauthorized information disclosure, deletion, or modification.", id: "GSD-2020-10608", }, gsd: { metadata: { exploitCode: "unknown", remediation: "unknown", reportConfidence: "confirmed", type: "vulnerability", }, osvSchema: { aliases: [ "CVE-2020-10608", ], details: "In OSIsoft PI System multiple products and versions, a local attacker can plant a binary and bypass a code integrity check for loading PI System libraries. This exploitation can target another local user of PI System software on the computer to escalate privilege and result in unauthorized information disclosure, deletion, or modification.", id: "GSD-2020-10608", modified: "2023-12-13T01:22:04.750373Z", schema_version: "1.4.0", }, }, namespaces: { "cve.org": { CVE_data_meta: { ASSIGNER: "ics-cert@hq.dhs.gov", ID: "CVE-2020-10608", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "OSIsoft PI System multiple products and versions", version: { version_data: [ { version_value: "OSIsoft PI System multiple products and versions", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "In OSIsoft PI System multiple products and versions, a local attacker can plant a binary and bypass a code integrity check for loading PI System libraries. This exploitation can target another local user of PI System software on the computer to escalate privilege and result in unauthorized information disclosure, deletion, or modification.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "IMPROPER VERIFICATION OF CRYPTOGRAPHIC SIGNATURE CWE-347", }, ], }, ], }, references: { reference_data: [ { name: "https://us-cert.cisa.gov/ics/advisories/icsa-20-133-02", refsource: "MISC", url: "https://us-cert.cisa.gov/ics/advisories/icsa-20-133-02", }, ], }, }, "nvd.nist.gov": { configurations: { CVE_data_version: "4.0", nodes: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:a:osisoft:pi_api:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "1.6.8.26", vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:osisoft:pi_api:*:*:*:*:*:windows_integrated_security:*:*", cpe_name: [], versionEndIncluding: "2.0.2.5", vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:osisoft:pi_buffer_subsystem:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "4.8.0.18", vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:osisoft:pi_connector:*:*:*:*:*:ping:*:*", cpe_name: [], versionEndIncluding: "1.0.0.54", vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:osisoft:pi_connector:*:*:*:*:*:ethernet\\/ip:*:*", cpe_name: [], versionEndIncluding: "1.1.0.10", vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:osisoft:pi_connector:*:*:*:*:*:bacnet:*:*", cpe_name: [], versionEndIncluding: "1.2.0.6", vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:osisoft:pi_connector:*:*:*:*:*:dc_systems_rtscada:*:*", cpe_name: [], versionEndIncluding: "1.2.0.42", vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:osisoft:pi_connector:*:*:*:*:*:siemens_simatic_pcs_7:*:*", cpe_name: [], versionEndIncluding: "1.2.1.71", vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:osisoft:pi_connector:*:*:*:*:*:iec_60870-5-104:*:*", cpe_name: [], versionEndIncluding: "1.2.2.79", vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:osisoft:pi_connector:*:*:*:*:*:hart-ip:*:*", cpe_name: [], versionEndIncluding: "1.3.0.1", vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:osisoft:pi_connector:*:*:*:*:*:opc-ua:*:*", cpe_name: [], versionEndIncluding: "1.3.0.130", vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:osisoft:pi_connector:*:*:*:*:*:ufl:*:*", cpe_name: [], versionEndIncluding: "1.3.1.135", vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:osisoft:pi_connector:*:*:*:*:*:cygnet:*:*", cpe_name: [], versionEndIncluding: "1.4.0.17", vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:osisoft:pi_connector:*:*:*:*:*:wonderware_historian:*:*", cpe_name: [], versionEndIncluding: "1.5.0.88", vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:osisoft:pi_connector_relay:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "2.5.19.0", vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:osisoft:pi_data_archive:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "3.4.430.460", vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:osisoft:pi_data_collection_manager:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "2.5.19.0", vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:osisoft:pi_integrator:*:*:*:*:*:business_analytics:*:*", cpe_name: [], versionEndIncluding: "2.2.0.183", vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:osisoft:pi_interface_configuration_utility:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "1.5.0.7", vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:osisoft:pi_to_ocs:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "1.1.36.0", vulnerable: true, }, ], operator: "OR", }, ], }, cve: { CVE_data_meta: { ASSIGNER: "ics-cert@hq.dhs.gov", ID: "CVE-2020-10608", }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "en", value: "In OSIsoft PI System multiple products and versions, a local attacker can plant a binary and bypass a code integrity check for loading PI System libraries. This exploitation can target another local user of PI System software on the computer to escalate privilege and result in unauthorized information disclosure, deletion, or modification.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "en", value: "CWE-347", }, ], }, ], }, references: { reference_data: [ { name: "https://us-cert.cisa.gov/ics/advisories/icsa-20-133-02", refsource: "MISC", tags: [ "Third Party Advisory", "US Government Resource", ], url: "https://us-cert.cisa.gov/ics/advisories/icsa-20-133-02", }, ], }, }, impact: { baseMetricV2: { acInsufInfo: false, cvssV2: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, severity: "MEDIUM", userInteractionRequired: false, }, baseMetricV3: { cvssV3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, }, }, lastModifiedDate: "2020-08-05T18:06Z", publishedDate: "2020-07-24T23:15Z", }, }, }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
UUIDv4 of the comment
UUIDv4 of the Vulnerability-Lookup instance
When the comment was created originally
When the comment was last updated
Title of the comment
Description of the comment
The identifier of the vulnerability (CVE ID, GHSA-ID, PYSEC ID, etc.).
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.