CVE-2025-4417

AVEVA PI Connector for CygNet Cross-site Scripting

Description

A cross-site scripting vulnerability exists in AVEVA PI Connector for CygNet Versions 1.6.14 and prior that, if exploited, could allow an administrator miscreant with local access to the connector admin portal to persist arbitrary JavaScript code that will be executed by other users who visit affected pages.

Remediation

Solution:

  • AVEVA recommends that organizations evaluate the impact of these vulnerabilities based on their operational environment, architecture, and product implementation. Users of affected product versions should apply security updates to mitigate the risk of exploit. All affected versions of PI Connector for CygNet can be fixed by upgrading to PI Connector for CygNet v1.7.0 or higher. From OSISoft Customer Portal https://my.osisoft.com/ , search for "PI Connector for CygNet" and select Version 1.7.0 or higher. For additional information please refer to AVEVA-2025-002 https://www.aveva.com/en/support-and-success/cyber-security-updates/ .

Workaround:

  • AVEVA further recommends users follow general defensive measures: * Ensure that PI Connector for CygNet administrative access is only provided to trusted entities. * Audit custom installation folder Access Control Lists (ACLs) to ensure access is only provided to trusted entities. * Audit and limit membership to the OS Local "Administrators" and "PI Connector Administrators" groups. For additional information please refer to AVEVA-2025-002 https://www.aveva.com/en/support-and-success/cyber-security-updates/ .

Category

6.9
CVSS
Severity: Medium
CVSS 4.0 •
CVSS 3.1 •
EPSS 0.02%
Affected: AVEVA PI Connector for CygNet
Published at:
Updated at:

References

Link Tags
https://www.cisa.gov/news-events/ics-advisories/icsa-25-162-09
https://www.aveva.com/en/support-and-success/cyber-security-updates/

Frequently Asked Questions

What is the severity of CVE-2025-4417?
CVE-2025-4417 has been scored as a medium severity vulnerability.
How to fix CVE-2025-4417?
To fix CVE-2025-4417: AVEVA recommends that organizations evaluate the impact of these vulnerabilities based on their operational environment, architecture, and product implementation. Users of affected product versions should apply security updates to mitigate the risk of exploit. All affected versions of PI Connector for CygNet can be fixed by upgrading to PI Connector for CygNet v1.7.0 or higher. From OSISoft Customer Portal https://my.osisoft.com/ , search for "PI Connector for CygNet" and select Version 1.7.0 or higher. For additional information please refer to AVEVA-2025-002 https://www.aveva.com/en/support-and-success/cyber-security-updates/ .
Is CVE-2025-4417 being actively exploited in the wild?
As for now, there are no information to confirm that CVE-2025-4417 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2025-4417?
CVE-2025-4417 affects AVEVA PI Connector for CygNet.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.