CVE-2024-3467

There is a vulnerability in AVEVA PI Asset Framework Client that could allow malicious code to execute on the PI System Explorer environment under the privileges of an interactive user that was socially engineered to import XML supplied by an attacker.

CVSS

No CVSS.

References

Link	Resource
https://www.cisa.gov/news-events/ics-advisories/icsa-24-163-03

Configurations

No configuration.

History

13 Jun 2024, 18:36

Type	Values Removed	Values Added
Summary		(es) Existe una vulnerabilidad en AVEVA PI Asset Framework Client que podría permitir que se ejecute código malicioso en el entorno de PI System Explorer bajo los privilegios de un usuario interactivo que fue manipulado socialmente para importar XML proporcionado por un atacante.

12 Jun 2024, 21:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-06-12 21:15

Updated : 2024-06-13 18:36

NVD link : CVE-2024-3467

Mitre link : CVE-2024-3467

CVE.ORG link : CVE-2024-3467

JSON object : View

Products Affected

No product.

CWE

CWE-502

Deserialization of Untrusted Data

JSON object

Attach tags to CVE-2024-3467

Attach tags to `CVE-2024-3467`