AVEVA's PI Integrator for Business Analytics has been the subject of a coordinated security disclosure that identifies two authenticated, yet remotely exploitable, vulnerabilities which could permit file upload of dangerous types and the disclosure of sensitive output data — issues that demand immediate attention from organizations running PI Integrator 2020 R2 SP1 and earlier.

Background / Overview

AVEVA PI Integrator for Business Analytics is a widely deployed connector that prepares and publishes PI System data for business intelligence platforms such as Microsoft Power BI, Tableau, and Spotfire. It’s used to transform operational time-series and asset context into formats suitable for analytics and data lakes, and is often installed in environments that bridge IT and OT networks.
On August 12, 2025, a CISA ICS advisory (ICSA-25-224-04) republished AVEVA’s coordinated disclosure, assigning CVE identifiers and publishing CVSS scores for the issues. The advisory lists the affected product (PI Integrator for Business Analytics: Versions 2020 R2 SP1 and prior) and spells out both the technical nature of the flaws and vendor-recommended mitigations.

Executive summary of the disclosure

  • Affected product: PI Integrator for Business Analytics (versions 2020 R2 SP1 and earlier).
  • Vulnerabilities disclosed:
    • CVE-2025-54460: Unrestricted Upload of File with Dangerous Type (CWE-434). Authenticated users with the ability to create or access publication targets of type Text File or HDFS can upload files that could be executed or abused. CVSS v3.1: 7.6; CVSS v4: 7.1.
    • CVE-2025-41415: Insertion of Sensitive Information into Sent Data (CWE-201). Authenticated users with access to publication targets can retrieve sensitive information in published output that could facilitate further access. CVSS v3.1: 6.5; CVSS v4: 7.1.
  • Primary risk: disclosure of sensitive configuration or credential material and the possibility of uploading/persisting files that may be executed if filesystem or downstream services are not properly isolated.

Technical analysis

CVE-2025-54460 — Unrestricted upload of files (CWE-434)

CVE-2025-54460 concerns the PI Integrator’s handling of publication targets that are configured to write to Text File or HDFS targets. The weakness allows an authenticated user who has privileges to create or write to those targets to upload files that are not sufficiently restricted by file type or output path. In practice this means:
  • An attacker with valid PI Integrator credentials and publication-target privileges can cause arbitrary files to be written to locations under the product’s control.
  • If output folders are not logically isolated from executable paths or if downstream systems automatically process or execute files in those paths, the uploaded files could be executed or used as a foothold.
  • The vulnerability is assessed as network-reachable with low attack complexity and limited privilege requirement (authenticated, but not full admin). The vendor and CISA assigned CVSS scores reflecting significant but not catastrophic impact (CVSS v3.1 = 7.6; CVSS v4 = 7.1).
Practical implications: on a misconfigured deployment where the PI Integrator writes to a filesystem that also houses scripts or services consumed by other processes (or to an HDFS namespace with broad access), an adversary could upload payloads that later get executed — either directly or via chaining with other vulnerabilities or automation processes. This is especially relevant in environments that integrate ETL automation, custom data consumers, or scheduled ingestion tasks that lack strict allowlisting.

CVE-2025-41415 — Insertion/exposure of sensitive information (CWE-201)

CVE-2025-41415 describes the ability for an authenticated, privileged user to cause sensitive information to be included in PI Integrator output that’s sent to publication targets. The core risk vectors include:
  • Sensitive metadata leakage — configuration parameters, paths, or internal identifiers appended to published views or export files;
  • Credentials and tokens — if any connectors or target configurations are persisted in or echoed back through published outputs, attackers could harvest them and escalate access to downstream systems (e.g., HDFS, data lake, or BI ingestion accounts).
  • The vulnerability’s CVSS profile emphasizes confidentiality impact (high), with moderate exploitability requirements (authenticated, low complexity).
Operational effect: an attacker exploiting this flaw could extract private configuration data and use it to access or pivot to other systems in the analytics pipeline. In complex OT/IT integrations, such lateral movement is a frequent precursor to more harmful outcomes (credential theft, data exfiltration, or even code execution through chained vulnerabilities).

Who reported the issues and disclosure timeline

  • Reporters: Maxime Escourbiac (Michelin CERT) and Adam Bertrand (Abicom for Michelin CERT) reported the vulnerabilities to AVEVA; AVEVA coordinated disclosure with CISA.
  • CISA published ICSA-25-224-04 on August 12, 2025, republishing AVEVA’s coordinated bulletin and offering mitigations and recommended practices to operators.
  • AVEVA maintains a central Cyber Security Updates hub for vendor advisories; product owners should consult the vendor channel for the formal bulletin and patches.

Cross-verification and external confirmation

Independent vulnerability trackers and industry databases mirror the advisory’s substance: CISA’s advisory is the authoritative public US-government publication for these specific CVE entries and contains the CVSS values cited above; vendor update hubs and third-party aggregators also list matching bulletins for AVEVA PI components and related PI System products. Where public NVD/NIST entries are slow to be populated for some CVEs, the CISA advisory and AVEVA’s customer security pages provide the timely, canonical guidance organizations must act on. (cisa.gov, aveva.com, vulners.com)
Cautionary note: some central CVE/NVD records may lag vendor/CISA publications; if an NVD entry for a listed CVE appears incomplete or pending, operators should still rely on the vendor and CISA guidance for immediate mitigation and patching steps. (nvd.nist.gov, vulners.com)

Real-world risk and attack scenarios

  • Scenario 1 — File upload to shared execution path: a low-privilege authenticated user creates a publication target that writes files to a directory also read and executed by a scheduled processing job (for example, an import script or ETL job). The uploaded file contains a malicious script; when the downstream job runs, the script is executed with whatever permissions that process holds, enabling code execution or persistence.
  • Scenario 2 — Sensitive configuration disclosure: a publication job is configured to include additional metadata for troubleshooting; an attacker abuses the target to cause stored backend credentials or tokens to be emitted into exported files, then uses those credentials to connect to HDFS or the BI data store and exfiltrate or manipulate data.
  • Scenario 3 — Combined chain: a disclosure of credentials (CVE-2025-41415) enables access to an HDFS cluster where a weakly configured ingestion job picks up and executes user-supplied scripts (CVE-2025-54460), leading to large-scale compromise of analytic infrastructure.
Why critical infrastructure operators should care: PI Integrator frequently sits at the IT/OT boundary and can be configured to publish operational data into enterprise BI systems and data lakes. In industrial environments, an attacker who can manipulate outputs or write executable artifacts into processing paths can cause operational disruption, data loss, or safety-affecting misconfigurations. Even absent direct physical damage, the business and regulatory consequences for critical manufacturing and IT services are significant.

Mitigations and vendor guidance

AVEVA’s immediate mitigation and remediation guidance (as republished by CISA) includes:
  • Upgrade: Move to PI Integrator for Business Analytics 2020 R2 SP2 or higher. This is the primary remediation step. (cisa.gov, aveva.com)
  • Permissions audit: Ensure that only trusted, minimal-privilege accounts have rights to create or write to publication targets. Limit who can create targets of type Text File or HDFS.
  • Restrict output file extensions and paths: Configure publication targets to restrict allowed output file extensions and to write only to directories that are logically isolated from system or executable paths. Where HDFS is used, tighten namespace ACLs and minimize privileges for ingesting services.
  • Apply endpoint hardening: Use Windows Defender Application Control (WDAC) or equivalent application allowlisting to block execution of unauthorized binaries in sensitive folders.
  • Network hardening (CISA recommendations): Minimize direct internet exposure of control system devices, segment OT networks from business networks, and prefer secure remote access methods (VPNs, bastion hosts) while recognizing their limitations.
CISA emphasizes performing a tailored impact analysis and risk assessment before deploying any mitigations that affect production systems; this is consistent with defense-in-depth principles for ICS environments.
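As an added example (not AVEVA's or CISA's code), a Python audit of publication-target settings against the mitigations above: it flags Text File and HDFS targets with no output extension restriction, targets whose output path overlaps a directory that other jobs consume, and targets that broad groups can write to. The target dictionaries, the consumed-path list and the extension list are constructed assumptions, not the product's configuration format.

```python
"""Audit PI Integrator publication targets for the misconfigurations the
advisory mitigations call out: unrestricted output file types, output
paths overlapping directories other jobs consume, and broad write rights.
Added example with a constructed config shape; not AVEVA code."""
from pathlib import PureWindowsPath

# Assumption: extensions a data export never needs; tune per site.
DANGEROUS_EXT = {".exe", ".dll", ".ps1", ".bat", ".cmd", ".vbs", ".js", ".jar", ".py", ".sh"}
BROAD_PRINCIPALS = {"everyone", "authenticated users", "domain users"}

# Constructed sample targets and consumed paths (not real deployment data).
SAMPLE_TARGETS = [
    {"name": "daily-kpi-csv", "type": "Text File", "output_path": r"D:\PIExports\kpi",
     "allowed_extensions": [".csv"], "writers": ["PI-BI-Publishers"]},
    {"name": "etl-dropbox", "type": "Text File", "output_path": r"D:\ETL\jobs\incoming",
     "allowed_extensions": ["*"], "writers": ["Authenticated Users"]},
    {"name": "lake-hdfs", "type": "HDFS", "output_path": "/data/ingest/pi",
     "allowed_extensions": [".parquet", ".py"], "writers": ["hdfs-publishers"]},
]
SAMPLE_CONSUMED = [r"D:\ETL\jobs", "/data/ingest"]  # ETL job dir, HDFS ingest root

def _overlaps(a, b):
    """True if a equals b or either path is an ancestor of the other."""
    a, b = PureWindowsPath(a.lower()), PureWindowsPath(b.lower())
    return a == b or a in b.parents or b in a.parents

def audit_targets(targets, consumed_paths):
    """Return (target name, finding) pairs for Text File and HDFS targets."""
    findings = []
    for t in targets:
        if t["type"] not in ("Text File", "HDFS"):
            continue  # only these target types are in scope for CVE-2025-54460
        name = t["name"]
        exts = {e.lower() for e in t.get("allowed_extensions", [])}
        if not exts or "*" in exts:
            findings.append((name, "no output extension restriction"))
        elif exts & DANGEROUS_EXT:
            findings.append((name, "executable extensions allowed: " + ",".join(sorted(exts & DANGEROUS_EXT))))
        for cp in consumed_paths:
            if _overlaps(t["output_path"], cp):
                findings.append((name, f"output path overlaps consumed path {cp}"))
        broad = sorted(p for p in t.get("writers", []) if p.lower() in BROAD_PRINCIPALS)
        if broad:
            findings.append((name, "broad principals can write: " + ",".join(broad)))
    return findings

if __name__ == "__main__":
    for name, finding in audit_targets(SAMPLE_TARGETS, SAMPLE_CONSUMED):
        print(f"{name}: {finding}")
```

On the sample, the isolated CSV target passes clean, while the ETL drop directory and the HDFS target each produce findings that map directly onto the upgrade, permissions, extension and path-isolation items above.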

Practical, prioritized steps for defenders (quick action checklist)

  • Inventory: Identify all instances of PI Integrator for Business Analytics and document version numbers, publication targets configured (Text File/HDFS), and which users/groups have publish/create permissions.
  • Patch: Schedule and apply the vendor-supplied update to 2020 R2 SP2 or later as a priority for production, test, and staging environments. (cisa.gov, aveva.com)
  • Restrict: Immediately tighten publication-target permissions and remove unnecessary user rights to create or edit Text File/HDFS targets.
  • Isolate output paths: Reconfigure output targets to write only to non-executable, segregated directories; remove write privileges where unnecessary.
  • Allowlist: Implement WDAC or another application allowlisting solution on servers hosting PI Integrator outputs to prevent execution of unexpected files.
  • Monitor: Add logging and alerting focused on publication-target activity, suspicious file writes, and unexpected downstream processing. Increase scrutiny of audit logs for accounts that create or update publication targets.
  • Rotate & verify credentials: If any export or connector credentials could have been exposed, rotate them and validate downstream ACLs and authentication logs for unusual access patterns.
  • Test disaster recovery and rollback procedures before applying changes in production to avoid accidental outages.

Strengths and limitations of the vendor/CISA guidance

Strengths:
  • Timely coordination between AVEVA and CISA provides actionable, vendor-validated patches and practical mitigation advice.
  • The advisory lists explicit CVE identifiers and CVSS scores (both v3.1 and v4), which helps organizations prioritize remediation based on risk posture. (cisa.gov, aveva.com)
Limitations and residual risks:
  • These vulnerabilities require authenticated access to achieve their most damaging effects, but in many operations environments authenticated credentials are attainable via credential theft, phishing, or lateral movement — so “authenticated-only” is a weak guarantee of safety.
  • The real-world impact depends heavily on how publication targets are configured and on post-processing workflows. Organizations that have automated ingestion pipelines, loosely segregated storage, or permissive HDFS ACLs remain at risk even after initial configuration changes. This dependence on environment-specific configuration makes universal mitigation harder and underscores the need for local impact analysis.

Detection and monitoring guidance

  • Log and alert on: creation or modification of publication targets; sudden changes to allowed file extensions; unexpected files written to published output directories; and anomalous HDFS writes originating from PI Integrator hosts.
  • Monitor downstream consumer logs (ETL / ingestion services) for execution attempts or parsing errors tied to newly created files.
  • Correlate with authentication telemetry: repeated failed login attempts or unusual use of service accounts that can create publication targets should be investigated promptly.
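As an added example (not from the advisory or the vendor), the detection rules above applied to constructed audit events: writes of executable file types into an output directory, a loosened extension restriction on a target, and a target change followed within minutes by a write from the same account. The key=value log format, the account and target names and the 15-minute window are assumptions.

```python
"""Apply the detection guidance above to publication-target audit events:
writes of executable file types, a loosened extension restriction, and a
target change followed quickly by a write from the same account.
Added example; the log format is constructed (the advisory gives none)."""
import re
from datetime import datetime, timedelta
from pathlib import PureWindowsPath

DANGEROUS_EXT = {".exe", ".dll", ".ps1", ".bat", ".cmd", ".vbs", ".js", ".jar", ".py", ".sh"}
WINDOW = timedelta(minutes=15)  # assumption: correlation window, tune per site

# Constructed sample events: '<ISO timestamp> key=value ...'. Not real telemetry.
LOG_LINES = """\
2025-08-13T02:10:41Z user=CORP\\jdoe event=TargetCreated target=tmp-export type=TextFile
2025-08-13T02:11:05Z user=CORP\\jdoe event=TargetModified target=tmp-export field=allowed_extensions old=.csv new=*
2025-08-13T02:12:30Z user=CORP\\jdoe event=FileWritten target=tmp-export path=D:\\ETL\\jobs\\incoming\\refresh.ps1
2025-08-13T02:12:31Z user=CORP\\jdoe event=FileWritten target=tmp-export path=D:\\ETL\\jobs\\incoming\\refresh.csv
2025-08-13T03:00:02Z user=CORP\\svc_publish event=FileWritten target=daily-kpi-csv path=D:\\PIExports\\kpi\\kpi_20250813.csv
"""

def parse(line):
    """Split one event line into a dict; 'ts' becomes a datetime."""
    ts, _, rest = line.partition(" ")
    ev = dict(re.findall(r"(\w+)=(\S+)", rest))
    ev["ts"] = datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ")
    return ev

def detect(lines):
    """Return (severity, user, rule, detail) alerts in event order."""
    alerts, recent_changes = [], {}
    for ev in map(parse, filter(None, lines)):
        key = (ev["user"], ev["target"])
        if ev["event"] in ("TargetCreated", "TargetModified"):
            recent_changes[key] = ev["ts"]  # remember who touched the target, and when
            new = ev.get("new", "").lower()
            if ev.get("field") == "allowed_extensions" and (new == "*" or new in DANGEROUS_EXT):
                alerts.append(("medium", ev["user"], "extension-restriction-loosened",
                               f"{ev['target']}: {ev['old']} -> {ev['new']}"))
        elif ev["event"] == "FileWritten":
            if PureWindowsPath(ev["path"]).suffix.lower() in DANGEROUS_EXT:
                alerts.append(("high", ev["user"], "dangerous-extension-write", ev["path"]))
            changed = recent_changes.pop(key, None)  # fire once per change
            if changed and ev["ts"] - changed <= WINDOW:
                alerts.append(("high", ev["user"], "target-change-then-write", ev["path"]))
    return alerts
```

Calling detect(LOG_LINES.splitlines()) yields three alerts, all tied to the one account that created the target, widened its extensions and then wrote a script into the ETL directory; the routine CSV export by the service account raises nothing.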

Governance and operational recommendations

  • Reassess privileged accounts and enforce least privilege on PI System roles. Where administrative operations are necessary, require multifactor authentication and use just-in-time administrative access for changes.
  • Apply defense-in-depth: network segmentation, dedicated data-transfer DMZs, and strict host-based controls reduce the probability that a PI Integrator compromise will cascade to sensitive analytic resources.
  • Maintain a test/dev/staging pipeline for security patches and validate published-output behavior in a controlled environment before promoting updates to production.
  • Incorporate PI Integrator-specific checks into routine vulnerability scanning and asset management processes to ensure version drift is detected and remediated.

Final assessment and urgency

The AVEVA PI Integrator disclosures are serious and actionable: they combine authenticated but remotely feasible attack vectors with realistic operational pathways to either execute uploaded code or extract credentials and configuration data that enable broader intrusion. The recommended vendor update to 2020 R2 SP2 or later is the clearest mitigation and should be scheduled as high priority, particularly for environments that publish to file paths or HDFS namespaces consumed by automated processes. (cisa.gov, aveva.com)
Operators should treat these CVEs as a near-term operational risk: apply patches quickly where feasible, harden publication target configurations immediately, and implement robust monitoring around publication and ingestion flows. The combination of vendor patching, permission hardening, file-path isolation, and allowlisting forms a practical layered defense that materially reduces exploitation risk.

Update history and sources of record

  • CISA published ICSA-25-224-04 on August 12, 2025, republishing AVEVA’s advisory and listing CVE-2025-54460 and CVE-2025-41415, affected versions, and mitigation steps.
  • AVEVA’s Cyber Security Updates portal contains vendor advisories and is the canonical location for the vendor’s security bulletins and downloadable updates; administrators should use that portal for patched installers and formal release notes.
Caveat: public CVE/NVD records sometimes lag vendor and government advisories; reliance on NVD alone can delay mitigation — use vendor bulletins and CISA advisories for the most current, actionable guidance. (nvd.nist.gov, cisa.gov)

Conclusion
These AVEVA PI Integrator vulnerabilities are emblematic of a recurring class of ICS/OT risks: relatively small configuration or validation oversights in data-publishing components can become high-impact when layered atop permissive downstream processing and poorly isolated storage. The fix path is straightforward — patch to 2020 R2 SP2 or higher, tighten publication-target permissions, restrict output paths and extensions, and implement host- and network-level controls — but the real work is operational: inventory, test, and harden the surrounding data pipelines so that a single misconfiguration cannot be leveraged into broad compromise. (cisa.gov, aveva.com)

Source: CISA advisory ICSA-25-224-04, AVEVA PI Integrator for Business Analytics