ICSA-19-253-06  ·  Published 2019-09-10  ·  View on CISA ICS-CERT

OSIsoft PI SQL Client

CVSS 8.1 HIGH

Risk Summary

Successful exploitation of this vulnerability could allow remote code execution or cause a denial of service, resulting in disclosure, deletion, or modification of information.

CVEs (1)

Remediations

  • OSIsoft recommends users upgrade to PI SQL Client 2018 R2 or later to resolve this issue. To download PI SQL Client 2018 R2, please access the OSIsoft customer portal (login required).
  • Configure the PI SQL Client OLEDB 2018 Data Link Advanced Properties to use NetTcp (Port 5465) and delete Https/Soap (Port 5464) from the network protocol order.
  • Restrict PI SQL Client outbound network connections to trusted servers.
  • Monitor network infrastructure for spoofing attacks on PI SQL Data Access Servers.
  • Monitor PI SQL Data Access Servers for unauthorized access.
  • Execute PI SQL Client using a least privilege account.
  • Use application whitelisting on the PI SQL Client to block unauthorized code execution.
  • For more information on this vulnerability, please refer to OSIsoft's security bulletin (login required): OSIsoft releases security update to PI SQL Client 2018
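The protocol-order and trusted-server remediations above can be checked from the network side. The following is an added example, not code from the advisory, OSIsoft or OTWarden: it audits constructed outbound-connection log lines from PI SQL Client hosts and flags any use of the Https/Soap port (5464) that the advisory says to remove, and any NetTcp (5465) connection to a server outside an assumed allowlist of PI SQL Data Access Servers. The log layout, the addresses and the allowlist are all constructed for the example.

```python
import re
from collections import namedtuple

# Ports named in the advisory's remediation: keep NetTcp (5465), remove Https/Soap (5464).
PI_SQL_HTTPS_SOAP_PORT = 5464
PI_SQL_NETTCP_PORT = 5465

# Hypothetical allowlist of PI SQL Data Access Servers (constructed, not from the advisory).
TRUSTED_PI_SQL_DAS = {"10.0.1.20", "10.0.1.21"}

# Constructed outbound-connection log lines from two PI SQL Client hosts.
SAMPLE_LOG = """\
2019-09-11T08:00:01Z conn src=10.0.5.40 dst=10.0.1.20 dport=5465 proto=tcp
2019-09-11T08:00:05Z conn src=10.0.5.40 dst=10.0.1.20 dport=5464 proto=tcp
2019-09-11T08:01:10Z conn src=10.0.5.41 dst=192.168.77.9 dport=5465 proto=tcp
2019-09-11T08:02:00Z conn src=10.0.5.41 dst=10.0.1.21 dport=443 proto=tcp
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) conn src=(?P<src>\S+) dst=(?P<dst>\S+) dport=(?P<dport>\d+) proto=(?P<proto>\S+)$"
)

Finding = namedtuple("Finding", "ts src dst dport reason")

def parse_line(line):
    """Parse one constructed log line into a dict, or return None if it does not match."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    rec = m.groupdict()
    rec["dport"] = int(rec["dport"])
    return rec

def check_connection(rec, trusted=TRUSTED_PI_SQL_DAS):
    """Return a reason string if the connection contradicts the advisory's guidance, else None."""
    if rec["dport"] == PI_SQL_HTTPS_SOAP_PORT:
        return "Https/Soap (5464) still in use; advisory says to remove it from the protocol order"
    if rec["dport"] == PI_SQL_NETTCP_PORT and rec["dst"] not in trusted:
        return "NetTcp (5465) connection to a server outside the trusted PI SQL DAS list"
    return None

def audit_log(text, trusted=TRUSTED_PI_SQL_DAS):
    """Run check_connection over every parsable line and collect the findings."""
    findings = []
    for line in text.splitlines():
        rec = parse_line(line)
        if rec is None:
            continue
        reason = check_connection(rec, trusted)
        if reason:
            findings.append(Finding(rec["ts"], rec["src"], rec["dst"], rec["dport"], reason))
    return findings

if __name__ == "__main__":
    for f in audit_log(SAMPLE_LOG):
        print(f"{f.ts} {f.src} -> {f.dst}:{f.dport}  {f.reason}")
```

Only the two lines that violate the guidance are reported; the clean NetTcp connection to a trusted server and the unrelated port 443 connection are ignored.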

Affected Vendors

OSIsoft LLC

Affected Products (1)

OSIsoft LLC · PI SQL Client 2018 (PI SQL Client OLEDB 2018)

Affected Sectors

Commercial Facilities, Critical Manufacturing, Energy, Government Facilities, Healthcare and Public Health
