AVEVA PI Web API

CVSS 6.5 | ICS-CERT ICSA-25-162-08 | Jun 12, 2025
Vendor: AVEVA / OSIsoft
Attack path
  • Attack Vector: Network
  • Auth Required: Low
  • Complexity: High
  • User Interaction: Required
Summary

A content security policy (CSP) bypass vulnerability in PI Web API versions 2023_SP1 and earlier allows an attacker with a valid user account holding Annotate permissions to disable CSP protections. This could enable code injection through malicious annotation attachments. When other users view or download these attachments through the web interface, injected code executes in their browser context, potentially allowing the attacker to harvest credentials, session tokens, or other sensitive data. Successful exploitation requires valid user credentials, user interaction, and navigation to the malicious attachment via the web UI.

What this means
What could happen
An attacker with a PI Web API user account could exploit this vulnerability to disable security protections in the browser, potentially allowing them to inject malicious code through annotation attachments that users download, affecting data integrity and confidentiality for connected systems.
Who's at risk
Organizations running the AVEVA PI System are affected, especially those where PI Web API is exposed to internal users who handle sensitive historical or real-time process data. This is particularly relevant for energy utilities, water authorities, and manufacturing plants that rely on PI for data collection and analytics.
How it could be exploited
An attacker who has a valid PI Web API user account (or obtains one through phishing) can craft a malicious annotation attachment that exploits the content security policy bypass. When other users download or view the attachment through the web interface, the attacker's injected code executes in their browser, potentially stealing credentials or session tokens that could give the attacker further access to PI data.
Prerequisites
  • Valid PI Web API user account with Annotate permission
  • User must interact with a malicious annotation attachment through the web interface
  • Target user's browser must render the attachment without protective CSP headers
  • Requires user interaction (moderate complexity)
  • Requires valid credentials
  • Could enable credential theft via injected code
  • Affects data confidentiality and integrity
Exploitability
Unlikely to be exploited — EPSS score 0.1%
Affected products (1)
Product | Affected Versions | Fix Status
PI Web API | ≤ 2023 SP1 | 2023 SP1 Patch 1 or higher
Remediation & Mitigation
Do now
HARDENING: Restrict the 'Annotate' permission in PI Web API to trusted users only; audit current role assignments and remove unnecessary Annotate access
WORKAROUND: Restrict the file types allowed for annotation attachments by removing potentially dangerous extensions (svg, pdf, and others based on your risk profile) from the allowlist
WORKAROUND: Instruct PI Web API users to retrieve annotation attachments through direct REST API requests rather than rendering them in the browser interface
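The two workarounds above amount to an allowlist decision (which attachment extensions may be stored) and a rendering decision (whether the browser treats a downloaded attachment as inert). The following is an added example, not code from AVEVA, OSIsoft, or this advisory, showing how a defender might check both: a deny-by-default extension filter that handles the usual edge cases (uppercase suffixes, path components, trailing dots, double extensions), and an audit of the HTTP headers on an attachment download. The allowlist contents and the assumption that attachments are served as ordinary HTTP responses carrying these standard headers are ours; the sample headers are constructed, not captured from a real server.

```python
"""Defensive checks for the annotation-attachment workarounds in this advisory.

Added example; not code from AVEVA, OSIsoft, or the advisory itself. The
allowlist below is a constructed, hypothetical policy: adjust it to your own
risk profile. The headers checked are standard HTTP headers, but the assumption
that PI Web API serves attachments as plain HTTP responses carrying them is
ours, not something the advisory states.
"""
from __future__ import annotations

import os
from dataclasses import dataclass

# Hypothetical hardened allowlist: types a browser will not treat as active
# content. svg and pdf are deliberately absent, as the workaround recommends.
SAFE_ATTACHMENT_EXTENSIONS = frozenset({"txt", "csv", "png", "jpg", "jpeg", "gif"})

# Types a browser may execute script from (svg, html) or hand to a scriptable
# viewer (pdf). Always denied, even if a local allowlist re-adds them.
ACTIVE_CONTENT_EXTENSIONS = frozenset({"svg", "svgz", "pdf", "html", "htm", "xhtml", "xml", "js"})


def attachment_extension(filename: str) -> str:
    """Return the effective lowercase extension of an uploaded filename.

    Strips directory components (either separator), trailing dots/spaces and
    case. Only the final suffix counts: "report.svg.txt" is treated as txt,
    which matches how the served Content-Type will normally be chosen.
    """
    name = os.path.basename(filename.replace("\\", "/")).rstrip(". ")
    return os.path.splitext(name)[1].lstrip(".").lower()


def is_allowed_attachment(filename: str,
                          allowlist: frozenset[str] = SAFE_ATTACHMENT_EXTENSIONS) -> bool:
    """Deny by default: the extension must be present, on the allowlist, and
    not a known active-content type (the denylist wins over a permissive
    local allowlist that still contains svg or pdf)."""
    ext = attachment_extension(filename)
    return bool(ext) and ext in allowlist and ext not in ACTIVE_CONTENT_EXTENSIONS


@dataclass
class HeaderFinding:
    header: str
    problem: str


def audit_attachment_response(headers: dict[str, str]) -> list[HeaderFinding]:
    """Check an attachment-download response for the headers that keep a
    malicious attachment inert if a browser does render it.

    Returns a list of findings; an empty list means every check passed.
    Header names are compared case-insensitively, as HTTP requires.
    """
    h = {k.lower(): v for k, v in headers.items()}
    findings: list[HeaderFinding] = []

    csp = h.get("content-security-policy", "")
    if not csp:
        findings.append(HeaderFinding("Content-Security-Policy", "missing"))
    else:
        directives = {d.strip().split()[0] for d in csp.split(";") if d.strip()}
        if not ({"default-src", "script-src"} & directives):
            findings.append(HeaderFinding("Content-Security-Policy",
                                          "no default-src or script-src directive"))
        if "sandbox" not in directives:
            findings.append(HeaderFinding("Content-Security-Policy",
                                          "no sandbox directive for user-supplied content"))

    if not h.get("content-disposition", "").lower().startswith("attachment"):
        findings.append(HeaderFinding("Content-Disposition",
                                      "not 'attachment'; browser may render inline"))

    if h.get("x-content-type-options", "").lower() != "nosniff":
        findings.append(HeaderFinding("X-Content-Type-Options", "missing 'nosniff'"))

    return findings


# Constructed sample responses, not captured from a real PI Web API server.
WEAK_RESPONSE = {
    "Content-Type": "image/svg+xml",
    "Content-Disposition": "inline; filename=diagram.svg",
}
HARDENED_RESPONSE = {
    "Content-Type": "image/svg+xml",
    "Content-Disposition": "attachment; filename=diagram.svg",
    "Content-Security-Policy": "default-src 'none'; sandbox",
    "X-Content-Type-Options": "nosniff",
}

if __name__ == "__main__":
    for name in ("trend.csv", "Diagram.SVG", "notes.pdf", "../../etc/passwd", "README"):
        print(f"{name:20} allowed={is_allowed_attachment(name)}")
    for label, hdrs in (("weak", WEAK_RESPONSE), ("hardened", HARDENED_RESPONSE)):
        print(label, [f"{f.header}: {f.problem}" for f in audit_attachment_response(hdrs)])
```

The filter is intentionally deny-by-default: an empty or unknown extension is rejected rather than passed through, and the active-content denylist is applied on top of the allowlist so that a later, more permissive policy change cannot silently reintroduce svg or pdf. The header audit is useful as a recurring check against a test download after patching or configuration changes, since the advisory's concern is precisely what happens when the browser renders an attachment without protective CSP headers.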
Schedule — requires maintenance window

Patching may require device reboot — plan for process interruption

HOTFIX: Update PI Web API to 2023 SP1 Patch 1 or higher
Long-term hardening
HARDENING: Network-isolate the PI Web API server from direct internet access; ensure it is only reachable from trusted internal networks or through a VPN gateway
API: /api/v1/advisories/a1e667fd-d65d-43a0-a188-7b23cd93dcb0
