← back
CVE-2020-10608

CVE-2020-10608

EPSS 0.2%CWE-347
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS EPSS 0.2%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
24 Jul 2020Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
In OSIsoft PI System multiple products and versions, a local attacker can plant a binary and bypass a code integrity check for loading PI System libraries. This exploitation can target another local user of PI System software on the computer to escalate privilege and result in unauthorized information disclosure, deletion, or modification.
Affected products
n/a · OSIsoft PI System multiple products and versions

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://us-cert.cisa.gov/ics/advisories/icsa-20-133-02