Vulnerability in Aveva Pi Data Archive

CVE-2025-36539

AVEVA PI Data Archive products are vulnerable to an uncaught exception that, if exploited, could allow an authenticated user to shut down certain necessary PI Data Archive subsystems, resulting in a denial of service.

EPSS: 0.003 (26.4th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 6.5 (Medium). Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H.

Affected products

Weakness classification (CWE)

References

Frequently asked questions

What is CVE-2025-36539?
CVE-2025-36539 is a medium-severity vulnerability in Aveva Pi Data Archive, classified under CWE-248. CVSS score: 6.5/10. Published 2025-06-12.
How severe is CVE-2025-36539?
Medium severity. CVSS v3 base score is 6.5 out of 10.