The NCCIC has released an advisory on vulnerabilities in OSIsoft PI Data Archive. OSIsoft PI Data Archive versions 2016 R2 and prior are affected. Successful exploitation of these vulnerabilities could cause loss of network access to the device or allow escalated privileges that may result in gaining full control of the PI Data Archive server. OSIsoft recommends that customers upgrade to PI Data Archive 2017 R2. The NCCIC also recommends a series of defensive measures to minimize the risk of exploitation of this vulnerability. ICS-CERT.
Register for March’s Cyber Threat Briefing on 3/22 at 2 PM EST! LEARN MORE HERE.