← Back to home
ICSA-16-166-01  ·  Published 2025-06-09  ·  View on CISA ICS-CERT ↗

OSIsoft PI SQL Data Access Server Input Validation Vulnerability

CVSS 6.5 MEDIUM

CVEs (1)

Remediations

  • OSIsoft recommends upgrading to PI SQL Data Access Server (OLE DB) 2016 (1.5) to address this issue. OSIsoft recommends that users use a host-based firewall to limit access to Ports 5461 and 5462 only to trusted workstations and PI SQL client products such as: PI JDBC Driver, PI ODBC Driver.
  • They also recommend that access to PI SQL Data Access Server be limited to only those users who need it through user rights assignment security policy.

Affected Vendors

OSIsoft

Affected Products (2)

OSIsoft · PI JDBC Driver 2015 <=1.4.1.404
OSIsoft · PI ODBC Driver 2015 <=3.5.403

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more