The mission of this group is to bring together utility professionals in the power industry who are in the thick of the digital utility transformation. 

WARNING: SIGN-IN

You need to be a member of Energy Central to access some features and content. Please or register to continue.

Post

New OSIsoft PI vulnerability, is easily prevented using appropriate verification steps

image credit: DoD

A new vulnerability report has been issued by CISA describing an OSIsoft PI vulnerability with a CVSS score of 7.8 that is easily detected and never should have been allowed in a BES ecosystem. The CISA report clearly shows the lack of proper verification of the digital signature as a cited issue:

https://www.us-cert.gov/ics/advisories/icsa-20-133-02

Never trust software, always verify and report!™

Richard Brooks's picture

Thank Richard for the Post!

Energy Central contributors share their experience and insights for the benefit of other Members (like you). Please show them your appreciation by leaving a comment, 'liking' this post, or following this Member.

Discussions

No discussions yet. Start a discussion below.

Get Published - Build a Following

The Energy Central Power Industry Network is based on one core idea - power industry professionals helping each other and advancing the industry by sharing and learning from each other.

If you have an experience or insight to share or have learned something from a conference or seminar, your peers and colleagues on Energy Central want to hear about it. It's also easy to share a link to an article you've liked or an industry resource that you think would be helpful.

                 Learn more about posting on Energy Central »