Denial of Service Vulnerability in AVEVA PI Data Archive Products
CVE-2025-44019

7.1HIGH

Key Information:

Vendor: Aveva
Status: Pi Data Archive; Pi Server
Vendor: CVE Published:; 12 June 2025

What is CVE-2025-44019?

AVEVA PI Data Archive products are susceptible to an unhandled exception that may be exploited by authenticated users. This could lead to the shutdown of essential subsystems within the PI Data Archive, thereby causing a denial of service. If the failure occurs at specific times, there might also be a risk of losing critical data stored in snapshots and the write cache.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

PI Data Archive 0 <= 2018 SP3 Patch 4

PI Data Archive 2023

PI Data Archive 2023 Patch 1

References

https://www.cisa.gov/news-events/ics-advisories/icsa-25-1...

https://www.aveva.com/en/support-and-success/cyber-securi...

https://my.osisoft.com/

CVSS V4

Score:

7.1

Severity:

HIGH

Confidentiality:

None

Integrity:

Low

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Timeline

Vulnerability published
Jun 12, 2025
Vulnerability Reserved
Apr 21, 2025

Credit

AVEVA reported these vulnerabilities to CISA.

JSON

Aveva

What is CVE-2025-44019?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V4

Timeline

Credit

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.