CVE-2025-44019

Name of the Vulnerable Software and Affected Versions AVEVA PI Data Archive versions 2018 SP3 Patch 4 and earlier AVEVA PI Data Archive version 2023 AVEVA PI Data Archive version 2023 Patch 1 AVEVA PI Server versions 2018 SP3 Patch 6 and earlier AVEVA PI Server version 2023 AVEVA PI Server version 2023 Patch 1

Description The issue is related to an uncaught exception that could allow an authenticated user to shut down certain necessary PI Data Archive subsystems, resulting in a denial of service. Depending on the timing of the crash, data present in snapshots/write cache may be lost.

Recommendations For AVEVA PI Data Archive versions 2018 SP3 Patch 4 and earlier, update to a version later than 2018 SP3 Patch 4. For AVEVA PI Data Archive version 2023, apply the necessary patch or update to a later version. For AVEVA PI Data Archive version 2023 Patch 1, apply the necessary patch or update to a later version. For AVEVA PI Server versions 2018 SP3 Patch 6 and earlier, update to a version later than 2018 SP3 Patch 6. For AVEVA PI Server version 2023, apply the necessary patch or update to a later version. For AVEVA PI Server version 2023 Patch 1, apply the necessary patch or update to a later version.