Back to search
CVE-2024-3468
Published: Jun 12, 2024
Modified: Aug 1, 2024
PUBLISHED
Description
There is a vulnerability in AVEVA PI Web API that could allow malicious code to execute on the PI Web API environment under the privileges of an interactive user that was socially engineered to use API XML import functionality with content supplied by an attacker.
| Vendor | Product | Versions |
|---|---|---|
AVEVA | PI Web API | affected 0 - <= 2023 |
Weaknesses (CWE)
References
https://www.cisa.gov/news-events/ics-advisories/icsa-24-163-02
government-resource
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now