ГлавнаяУязвимости → CVE-2025-64729
8.1высокая

CVE-2025-64729

Описание

The vulnerability, if exploited, could allow an authenticated miscreant (OS Standard User) to tamper with Process Optimization project files, embed code, and escalate their privileges to the identity of a victim user who subsequently interacts with the project files.

Затрагиваемое ПО
Aveva Process optimization
CVSS
Балл8.1 — высокая
ВекторCVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:L
Источники
https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-015-01.jsonhttps://softwaresupportsp.aveva.com/en-US/downloads/products/details/a643eaa3-0d85-4fde-ac11-5239e87a68eahttps://www.aveva.com/en/support-and-success/cyber-security-updates/https://www.cisa.gov/news-events/ics-advisories/icsa-26-015-01