Aveva Process Optimization
7 CVEs affecting Aveva Process Optimization. Latest disclosed: 2026-01-16. Critical: 1, High: 6.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-61937 | Critical | 10.0 | 2026-01-16 | The vulnerability, if exploited, could allow an unauthenticated miscreant to achieve remote code execution under OS system privileges of “taoimr” service, po… |
CVE-2025-65118 | High | 8.8 | 2026-01-16 | The vulnerability, if exploited, could allow an authenticated miscreant (OS Standard User) to trick Process Optimization services into loading arbitrary code… |
CVE-2025-64691 | High | 8.8 | 2026-01-16 | The vulnerability, if exploited, could allow an authenticated miscreant (OS standard user) to tamper with TCL Macro scripts and escalate privileges to OS sys… |
CVE-2025-61943 | High | 8.4 | 2026-01-16 | The vulnerability, if exploited, could allow an authenticated miscreant (Process Optimization Standard User) to tamper with queries in Captive Historian and… |
CVE-2025-64729 | High | 8.1 | 2026-01-16 | The vulnerability, if exploited, could allow an authenticated miscreant (OS Standard User) to tamper with Process Optimization project files, embed code, and… |
CVE-2025-65117 | High | 7.4 | 2026-01-16 | The vulnerability, if exploited, could allow an authenticated miscreant (Process Optimization Designer User) to embed OLE objects into graphics, and escalate… |
CVE-2025-64769 | High | 7.1 | 2026-01-16 | The Process Optimization application suite leverages connection channels/protocols that by-default are not encrypted and could become subject to hijacking or… |