CVE-2026-1507 (GCVE-0-2026-1507)

Vulnerability from cvelistv5 – Published: 2026-02-10 20:19 – Updated: 2026-02-12 18:47
VLAI?
Title
Uncaught Exception vulnerability in AVEVA PI Data Archive
Summary
The affected products are vulnerable to an uncaught exception that could allow an unauthenticated attacker to remotely crash core PI services resulting in a denial-of-service.
Severity ?
7.5 (High)
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
8.7 (High)
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
CWE
Assigner
References
Impacted products
Vendor Product Version
AVEVA PI Data Archive PI Server Affected: 0 , ≤ 2018_SP3_Patch_7 (custom)
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-1507",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-02-12T18:46:57.197406Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-02-12T18:47:05.938Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "PI Data Archive PI Server",
          "vendor": "AVEVA",
          "versions": [
            {
              "lessThanOrEqual": "2018_SP3_Patch_7",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2026-02-10T19:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eThe affected products are vulnerable to an uncaught exception that could allow an unauthenticated attacker to remotely crash core PI services resulting in a denial-of-service.\u003c/span\u003e"
            }
          ],
          "value": "The affected products are vulnerable to an uncaught exception that could allow an unauthenticated attacker to remotely crash core PI services resulting in a denial-of-service."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        },
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 8.7,
            "baseSeverity": "HIGH",
            "exploitMaturity": "NOT_DEFINED",
            "privilegesRequired": "NONE",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "NONE",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-248",
              "description": "CWE-248 Uncaught Exception",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-02-10T20:19:18.886Z",
        "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "shortName": "icscert"
      },
      "references": [
        {
          "tags": [
            "government-resource"
          ],
          "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-041-03"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eAVEVA recommends that organizations evaluate the impact of this vulnerability based on their operational environment, architecture, and product implementation. Users of affected product versions should apply security updates to mitigate the risk of exploit.\u003c/p\u003e\u003cp\u003eAll impacted versions of PI Data Archive can be fixed by upgrading to PI Server 2024 R2 or later available here: \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://softwaresupportsp.aveva.com/en-US/downloads/products/details/8c9b0e8c-eb68-481f-b420-c87a253a4172\"\u003ehttps://softwaresupportsp.aveva.com/en-US/downloads/products/details/8c9b0e8c-eb68-481f-b420-c87a253a4172\u003c/a\u003e.\u003c/p\u003e\u003cp\u003ePI Data Archive delivered by PI Server 2018 SP3 Patch 7 and prior can be fixed by upgrading to PI Server 2018 SP3 Patch 8 or higher available here: \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://softwaresupportsp.aveva.com/en-US/downloads/products/details/79492560-7e4c-4800-8bd7-40cce61a17d2\"\u003ehttps://softwaresupportsp.aveva.com/en-US/downloads/products/details/79492560-7e4c-4800-8bd7-40cce61a17d2\u003c/a\u003e.\u003c/p\u003e\u003cp\u003eThe following general defensive measures are recommended: * Monitor liveness of services listed in your installation\u2019s \u201c\\PI\\adm\\pisrvstart.bat\u201d. * Set the PI Data Archive Subsystem services to automatically restart. * PI Data Archive nodes should limit port 5450 inbound access to trusted workstations, users, and software.\u003c/p\u003e\u003cp\u003eFor additional information please refer to AVEVA-2026-002(\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.aveva.com/content/dam/aveva/documents/support/cyber-security-updates/SecurityBulletin_AVEVA-2026-002.pdf)\"\u003ehttps://www.aveva.com/content/dam/aveva/documents/support/cyber-security-updates/SecurityBulletin_AV...\u003c/a\u003e.\u003c/span\u003e\n\n\u003c/p\u003e"
            }
          ],
          "value": "AVEVA recommends that organizations evaluate the impact of this vulnerability based on their operational environment, architecture, and product implementation. Users of affected product versions should apply security updates to mitigate the risk of exploit.\n\nAll impacted versions of PI Data Archive can be fixed by upgrading to PI Server 2024 R2 or later available here:  https://softwaresupportsp.aveva.com/en-US/downloads/products/details/8c9b0e8c-eb68-481f-b420-c87a253a4172 .\n\nPI Data Archive delivered by PI Server 2018 SP3 Patch 7 and prior can be fixed by upgrading to PI Server 2018 SP3 Patch 8 or higher available here:  https://softwaresupportsp.aveva.com/en-US/downloads/products/details/79492560-7e4c-4800-8bd7-40cce61a17d2 .\n\nThe following general defensive measures are recommended: * Monitor liveness of services listed in your installation\u2019s \u201c\\PI\\adm\\pisrvstart.bat\u201d. * Set the PI Data Archive Subsystem services to automatically restart. * PI Data Archive nodes should limit port 5450 inbound access to trusted workstations, users, and software.\n\nFor additional information please refer to AVEVA-2026-002(\n\n https://www.aveva.com/content/dam/aveva/documents/support/cyber-security-updates/SecurityBulletin_AV... https://www.aveva.com/content/dam/aveva/documents/support/cyber-security-updates/SecurityBulletin_AVEVA-2026-002.pdf) ."
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Uncaught Exception vulnerability in AVEVA PI Data Archive",
      "x_generator": {
        "engine": "Vulnogram 0.5.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
    "assignerShortName": "icscert",
    "cveId": "CVE-2026-1507",
    "datePublished": "2026-02-10T20:19:18.886Z",
    "dateReserved": "2026-01-27T20:22:05.820Z",
    "dateUpdated": "2026-02-12T18:47:05.938Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2026-1507\",\"sourceIdentifier\":\"ics-cert@hq.dhs.gov\",\"published\":\"2026-02-10T21:16:01.647\",\"lastModified\":\"2026-02-10T21:51:48.077\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The affected products are vulnerable to an uncaught exception that could allow an unauthenticated attacker to remotely crash core PI services resulting in a denial-of-service.\"}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"ics-cert@hq.dhs.gov\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X\",\"baseScore\":8.7,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"attackRequirements\":\"NONE\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"vulnConfidentialityImpact\":\"NONE\",\"vulnIntegrityImpact\":\"NONE\",\"vulnAvailabilityImpact\":\"HIGH\",\"subConfidentialityImpact\":\"NONE\",\"subIntegrityImpact\":\"NONE\",\"subAvailabilityImpact\":\"NONE\",\"exploitMaturity\":\"NOT_DEFINED\",\"confidentialityRequirement\":\"NOT_DEFINED\",\"integrityRequirement\":\"NOT_DEFINED\",\"availabilityRequirement\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedVulnIntegrityImpact\":\"NOT_DEFINED\",\"modifiedVulnAvailabilityImpact\":\"NOT_DEFINED\",\"modifiedSubConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedSubIntegrityImpact\":\"NOT_DEFINED\",\"modifiedSubAvailabilityImpact\":\"NOT_DEFINED\",\"Safety\":\"NOT_DEFINED\",\"Automatable\":\"NOT_DEFINED\",\"Recovery\":\"NOT_DEFINED\",\"valueDensity\":\"NOT_DEFINED\",\"vulnerabilityResponseEffort\":\"NOT_DEFINED\",\"providerUrgency\":\"NOT_DEFINED\"}}],\"cvssMetricV31\":[{\"source\":\"ics-cert@hq.dhs.gov\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"ics-cert@hq.dhs.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-248\"}]}],\"references\":[{\"url\":\"https://www.cisa.gov/news-events/ics-advisories/icsa-26-041-03\",\"source\":\"ics-cert@hq.dhs.gov\"}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2026-1507\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-02-12T18:46:57.197406Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-02-12T18:47:02.489Z\"}}], \"cna\": {\"title\": \"Uncaught Exception vulnerability in AVEVA PI Data Archive\", \"source\": {\"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}, {\"format\": \"CVSS\", \"cvssV4_0\": {\"Safety\": \"NOT_DEFINED\", \"version\": \"4.0\", \"Recovery\": \"NOT_DEFINED\", \"baseScore\": 8.7, \"Automatable\": \"NOT_DEFINED\", \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"valueDensity\": \"NOT_DEFINED\", \"vectorString\": \"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N\", \"exploitMaturity\": \"NOT_DEFINED\", \"providerUrgency\": \"NOT_DEFINED\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"attackRequirements\": \"NONE\", \"privilegesRequired\": \"NONE\", \"subIntegrityImpact\": \"NONE\", \"vulnIntegrityImpact\": \"NONE\", \"subAvailabilityImpact\": \"NONE\", \"vulnAvailabilityImpact\": \"HIGH\", \"subConfidentialityImpact\": \"NONE\", \"vulnConfidentialityImpact\": \"NONE\", \"vulnerabilityResponseEffort\": \"NOT_DEFINED\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"AVEVA\", \"product\": \"PI Data Archive PI Server\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"2018_SP3_Patch_7\"}], \"defaultStatus\": \"unaffected\"}], \"solutions\": [{\"lang\": \"en\", \"value\": \"AVEVA recommends that organizations evaluate the impact of this vulnerability based on their operational environment, architecture, and product implementation. Users of affected product versions should apply security updates to mitigate the risk of exploit.\\n\\nAll impacted versions of PI Data Archive can be fixed by upgrading to PI Server 2024 R2 or later available here:  https://softwaresupportsp.aveva.com/en-US/downloads/products/details/8c9b0e8c-eb68-481f-b420-c87a253a4172 .\\n\\nPI Data Archive delivered by PI Server 2018 SP3 Patch 7 and prior can be fixed by upgrading to PI Server 2018 SP3 Patch 8 or higher available here:  https://softwaresupportsp.aveva.com/en-US/downloads/products/details/79492560-7e4c-4800-8bd7-40cce61a17d2 .\\n\\nThe following general defensive measures are recommended: * Monitor liveness of services listed in your installation\\u2019s \\u201c\\\\PI\\\\adm\\\\pisrvstart.bat\\u201d. * Set the PI Data Archive Subsystem services to automatically restart. * PI Data Archive nodes should limit port 5450 inbound access to trusted workstations, users, and software.\\n\\nFor additional information please refer to AVEVA-2026-002(\\n\\n https://www.aveva.com/content/dam/aveva/documents/support/cyber-security-updates/SecurityBulletin_AV... https://www.aveva.com/content/dam/aveva/documents/support/cyber-security-updates/SecurityBulletin_AVEVA-2026-002.pdf) .\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\u003cp\u003eAVEVA recommends that organizations evaluate the impact of this vulnerability based on their operational environment, architecture, and product implementation. Users of affected product versions should apply security updates to mitigate the risk of exploit.\u003c/p\u003e\u003cp\u003eAll impacted versions of PI Data Archive can be fixed by upgrading to PI Server 2024 R2 or later available here: \u003ca target=\\\"_blank\\\" rel=\\\"nofollow\\\" href=\\\"https://softwaresupportsp.aveva.com/en-US/downloads/products/details/8c9b0e8c-eb68-481f-b420-c87a253a4172\\\"\u003ehttps://softwaresupportsp.aveva.com/en-US/downloads/products/details/8c9b0e8c-eb68-481f-b420-c87a253a4172\u003c/a\u003e.\u003c/p\u003e\u003cp\u003ePI Data Archive delivered by PI Server 2018 SP3 Patch 7 and prior can be fixed by upgrading to PI Server 2018 SP3 Patch 8 or higher available here: \u003ca target=\\\"_blank\\\" rel=\\\"nofollow\\\" href=\\\"https://softwaresupportsp.aveva.com/en-US/downloads/products/details/79492560-7e4c-4800-8bd7-40cce61a17d2\\\"\u003ehttps://softwaresupportsp.aveva.com/en-US/downloads/products/details/79492560-7e4c-4800-8bd7-40cce61a17d2\u003c/a\u003e.\u003c/p\u003e\u003cp\u003eThe following general defensive measures are recommended: * Monitor liveness of services listed in your installation\\u2019s \\u201c\\\\PI\\\\adm\\\\pisrvstart.bat\\u201d. * Set the PI Data Archive Subsystem services to automatically restart. * PI Data Archive nodes should limit port 5450 inbound access to trusted workstations, users, and software.\u003c/p\u003e\u003cp\u003eFor additional information please refer to AVEVA-2026-002(\\n\\n\u003cspan style=\\\"background-color: rgb(255, 255, 255);\\\"\u003e\u003ca target=\\\"_blank\\\" rel=\\\"nofollow\\\" href=\\\"https://www.aveva.com/content/dam/aveva/documents/support/cyber-security-updates/SecurityBulletin_AVEVA-2026-002.pdf)\\\"\u003ehttps://www.aveva.com/content/dam/aveva/documents/support/cyber-security-updates/SecurityBulletin_AV...\u003c/a\u003e.\u003c/span\u003e\\n\\n\u003c/p\u003e\", \"base64\": false}]}], \"datePublic\": \"2026-02-10T19:00:00.000Z\", \"references\": [{\"url\": \"https://www.cisa.gov/news-events/ics-advisories/icsa-26-041-03\", \"tags\": [\"government-resource\"]}], \"x_generator\": {\"engine\": \"Vulnogram 0.5.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"The affected products are vulnerable to an uncaught exception that could allow an unauthenticated attacker to remotely crash core PI services resulting in a denial-of-service.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\u003cspan style=\\\"background-color: rgb(255, 255, 255);\\\"\u003eThe affected products are vulnerable to an uncaught exception that could allow an unauthenticated attacker to remotely crash core PI services resulting in a denial-of-service.\u003c/span\u003e\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-248\", \"description\": \"CWE-248 Uncaught Exception\"}]}], \"providerMetadata\": {\"orgId\": \"7d14cffa-0d7d-4270-9dc0-52cabd5a23a6\", \"shortName\": \"icscert\", \"dateUpdated\": \"2026-02-10T20:19:18.886Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2026-1507\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-02-12T18:47:05.938Z\", \"dateReserved\": \"2026-01-27T20:22:05.820Z\", \"assignerOrgId\": \"7d14cffa-0d7d-4270-9dc0-52cabd5a23a6\", \"datePublished\": \"2026-02-10T20:19:18.886Z\", \"assignerShortName\": \"icscert\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.