Christopher Wu

**Name of the Vulnerable Software and Affected Versions** AVEVA Process Optimization (affected versions not specified) **Description** A flaw exists that could allow an attacker to execute code remotely on the system with operating system level privileges through the `taoimr` service. Successful exploitation could lead to a complete compromise of the model application server. The vulnerability does not require authentication. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Captive Historian (affected versions not specified) **Description** A flaw exists that, if exploited, could allow an authenticated attacker with Process Optimization Standard User privileges to manipulate queries within Captive Historian. Successful exploitation may lead to code execution with SQL Server administrative privileges, potentially resulting in a full system compromise of the SQL Server. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** versions prior to 2025 (affected versions not specified) **Description** An authenticated user with standard operating system privileges could modify TCL Macro scripts. Successful exploitation may lead to privilege escalation to the operating system level, potentially resulting in a full system compromise of the application server. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Process Optimization (affected versions not specified) **Description** An authenticated attacker with standard user privileges can modify Process Optimization project files, insert code, and potentially gain the privileges of a user who interacts with these compromised files. The issue involves tampering with project files, allowing code embedding and privilege escalation. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Process Optimization application suite (affected versions not specified) **Description** The Process Optimization application suite uses connection channels and protocols that are not encrypted by default. This could allow for data hijacking or leakage in man-in-the-middle or passive inspection scenarios. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** versions prior to 2025 **Description** An authenticated attacker with Process Optimization Designer User privileges can embed OLE objects into graphics. Successful exploitation could lead to privilege escalation to the identity of a user who interacts with the graphical elements. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Model Application Server (affected versions not specified) **Description** A malicious actor with standard user privileges could potentially load arbitrary code through Process Optimization services, leading to privilege escalation to the system level and a complete compromise of the server. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.