AVEVA's PI Integrator for Business Analytics has been the subject of a coordinated security disclosure that identifies two authenticated, yet remotely exploitable, vulnerabilities which could permit file upload of dangerous types and the disclosure of sensitive output data — issues that demand...
aveva pi integrator
cisa icsa-25-224-04
credential leakage
critical infrastructure security
cve-2025-41415
cve-2025-54460
dangerous file types
data exfiltration risk
hdfs targets
ics vulnerabilities
insertionofsensitiveinformation
network segmentation
ot it security
patch management
pi integrator for business analytics
sensitive data exposure
text file targets
unrestricted upload
wdac allowlisting