CVE-2023-34348

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Jan 18, 2024

Updated: Jan 26, 2024

CWE ID 755

CWE ID 703

Summary

CVE-2023-34348 is a vulnerability affecting AVEVA PI Server versions 2023 and 2018 SP3 P05 and earlier. This issue permits an unauthenticated attacker to cause a denial-of-service condition by remotely crashing the PI Message Subsystem of a PI Server. Successful exploitation results in the subsystem becoming unresponsive, denying access to legitimate users. This vulnerability poses a significant risk to organizations that use these PI Server versions, making it essential to apply the necessary security patches as soon as possible.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Aveva Group

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/rzabf3
https://www.cve.org/CVERecord?id=CVE-2023-34348
https://nvd.nist.gov/vuln/detail/CVE-2023-34348

Back to Vulnerability Database

CVE-2023-34348

CVSS 3.1 Score 7.5 of 10 (high)

Details

Summary

Affected Vendors

Advisories, Assessments, and Mitigations