You are here

OSIsoft PI SQL Client (ICSA-19-253-06) – Product Used in the Energy Sector

OSIsoft PI SQL Client (ICSA-19-253-06) – Product Used in the Energy Sector

Created: Tuesday, September 10, 2019 - 15:55
Categories:
Cybersecurity

The NCCIC has published an advisory on an integer overflow wraparound vulnerability in OSIsoft PI SQL Client. PI SQL Client 2018 (PI SQL Client OLEDB 2018) is affected. Successful exploitation of this vulnerability could allow remote code execution or cause a denial of service, resulting in disclosure, deletion, or modification of information. OSIsoft recommends users upgrade to PI SQL Client 2018 R2 or later to resolve this issue. The NCCIC also recommends a series of measures to mitigate the vulnerability. Read the advisory at CISA.