7.1
CVE-2025-36539
- EPSS 0.06%
- Published 12.06.2025 19:56:33
- Last modified 16.06.2025 12:32:18
- Source ics-cert@hq.dhs.gov
- Teams watchlist Login
- Open Login
AVEVA PI Data Archive products are vulnerable to an uncaught exception that, if exploited, could allow an authenticated user to shut down certain necessary PI Data Archive subsystems, resulting in a denial of service.
Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD
This information is available to logged-in users. Login
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
VendorAVEVA
≫
Product
PI Data Archive
Default Statusunaffected
Version <=
2018 SP3 Patch 4
Version
2023
Status
affected
VendorAVEVA
≫
Product
PI Data Archive
Default Statusunaffected
Version
2023 Patch 1
Status
affected
VendorAVEVA
≫
Product
PI Server
Default Statusunaffected
Version <=
2018 SP3 Patch 6
Version
2023
Status
affected
VendorAVEVA
≫
Product
PI Server
Default Statusunaffected
Version <=
2018 SP3 Patch 6
Version
2023 Patch 1
Status
affected
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.06% | 0.183 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| ics-cert@hq.dhs.gov | 7.1 | 0 | 0 |
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
|
| ics-cert@hq.dhs.gov | 6.5 | 2.8 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
CWE-248 Uncaught Exception
An exception is thrown from a function, but it is not caught.