Primary

Context

AVEVA PI Connector for CygNet Improper Validation of Integrity Check Value Vulnerability Allowing Denial-of-Service

Vulnerability

Patched

A vulnerability exists in AVEVA PI Connector for CygNet, affecting versions through 1.6.14, due to improper validation of integrity check values. This vulnerability could allow an individual with elevated privileges to alter local data files, such as cache and buffers, in a manner that causes the connector service to become unresponsive.

Impact

Exploitation of this vulnerability could lead to a denial-of-service condition, causing the connector service to become unresponsive.

Remediation

Users can upgrade to PI Connector for CygNet version 1.7.0 or higher to address this vulnerability. For additional information, refer to the AVEVA Security Bulletin AVEVA-2025-002.

Added: Jun 12, 2025, 8:20 PM

Updated: Jun 12, 2025, 8:20 PM

Vulnerability Rating

Custom Algorithm

spread

1.4

impact

3.1

exploitability

3.0

remediation

7.9

relevance

0.2

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

1.4

impact

3.1

exploitability

3.0

remediation

7.9

relevance

0.2

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

AVEVA PI Connector for CygNet Improper Validation of Integrity Check Value Vulnerability Allowing Denial-of-Service

Vulnerability

Impact

Remediation

Affected Products

AVEVA PI Connector for CygNet

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating