GCVE - cpe:2.3:a:aveva:pi_server:*:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:aveva:pi_server:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	Aveva (`419325dd-398d-5d8e-98c9-e41c800a541d`)
Product	Pi Server (`8fbf0dd0-4937-5463-bce0-4685f81a3282`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2025-44019`	vulnerable	2026-06-03 15:01:18.504353	AVEVA PI Data Archive Uncaught Exception HIGH (7.1) AVEVA PI Data Archive products are vulnerable to an uncaught exception that, if exploited, could allow an authenticated user to shut down certain necessary PI Data Archive subsystems, resulting in a denial of service. Depending on the timing of the crash, data present in snapshots/write cache may be lost. Published: 2025-06-12T19:51:56.663Z Updated: 2025-06-12T20:06:50.361Z Open on db.gcve.eu Reference links https://www.cisa.gov/news-events/ics-advisories/icsa-25-162-07 https://www.aveva.com/en/support-and-success/cyber-security-updates/ https://my.osisoft.com/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2025-36539`	vulnerable	2026-06-03 15:00:53.601360	AVEVA PI Data Archive Uncaught Exception MEDIUM (6.5) AVEVA PI Data Archive products are vulnerable to an uncaught exception that, if exploited, could allow an authenticated user to shut down certain necessary PI Data Archive subsystems, resulting in a denial of service. Published: 2025-06-12T19:56:33.320Z Updated: 2025-06-12T20:04:23.575Z Open on db.gcve.eu Reference links https://www.cisa.gov/news-events/ics-advisories/icsa-25-162-07 https://www.aveva.com/en/support-and-success/cyber-security-updates/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2023-34348`	vulnerable	2026-06-03 14:52:16.272197	Improper Check or Handling of Exceptional Conditions in Aveva PI Server HIGH (7.5) AVEVA PI Server versions 2023 and 2018 SP3 P05 and prior contain a vulnerability that could allow an unauthenticated user to remotely crash the PI Message Subsystem of a PI Server, resulting in a denial-of-service condition. Published: 2024-01-18T17:16:50.038Z Updated: 2024-10-21T11:44:39.250Z Open on db.gcve.eu Reference links https://www.cisa.gov/news-events/ics-advisories/icsa-24-018-01	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2023-31274`	vulnerable	2026-06-03 14:51:55.173287	Missing Release of Resource after Effective Lifetime vulnerability in Aveva PI Server MEDIUM (5.3) AVEVA PI Server versions 2023 and 2018 SP3 P05 and prior contain a vulnerability that could allow an unauthenticated user to cause the PI Message Subsystem of a PI Server to consume available memory resulting in throttled processing of new PI Data Archive events and a partial denial-of-service condition. Published: 2024-01-18T17:15:25.837Z Updated: 2024-08-29T20:02:08.687Z Open on db.gcve.eu Reference links https://www.cisa.gov/news-events/ics-advisories/icsa-24-018-01	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.