Critical Flaw in AVEVA PI Web API exposes Industrial Systems to Scripting Attacks
A recently disclosed cross-site scripting (XSS) vulnerability, tracked as CVE-2025-2745, affects AVEVA PI Web API versions 2023 SP1 and earlier. It lets an authenticated user plant JavaScript in annotation attachments that later runs in other users' browsers, a real risk for the industrial environments that rely on PI Web API to expose PI System data.
The vulnerability, detailed by the National Vulnerability Database (NVD) and the Cybersecurity and Infrastructure Security Agency (CISA), is another reminder of the sustained pressure on operational technology. It is not rated among the most severe issues, but its multi-step exploitation path is still a serious concern for organizations that use PI Web API to bridge operational data with enterprise applications.
Understanding the Vulnerability
The core of CVE-2025-2745 is improper neutralization of input during web page generation, the classic XSS weakness (CWE-79). An attacker who is already authenticated and holds the privileges to create or update annotations, or to upload media files, embeds JavaScript in an annotation attachment. The script runs when another user renders that attachment in a browser whose Content Security Policy (CSP) protections have been disabled, which in practice means the victim has to be talked into that unsafe configuration through social engineering.
Success therefore depends on three things at once: an account with annotation privileges, a browser with relaxed security, and a user who can be persuaded to weaken it. That makes this a multi-step attack rather than a direct exploit, which is reflected in the scores: a CVSS v3.1 base score of 6.5 (Medium) and a CVSS v4.0 base score of 4.5.
The Potential Impact
Successful exploitation lets an attacker execute arbitrary script in a victim's browser, in the security context of the PI Web API application. From there the usual XSS consequences follow: session hijacking, theft of data the victim can see, and actions performed with the victim's privileges. Because PI Web API is a common integration point in industrial control system (ICS) environments, the potential for disruption in critical manufacturing and other sectors is significant.
Mitigation and Best Practices
AVEVA and CISA have issued advisories with clear mitigation guidance. The most important step is to upgrade to AVEVA PI Web API 2023 SP1 Patch 1 or later, which fixes the XSS flaw. Patched versions are available through the OSIsoft Customer Portal.
In addition to patching, organizations are strongly advised to implement the following security measures to create a multi-layered defense:
- Review and Restrict File Uploads: Administrators should review and tighten the list of allowed file extensions for annotation attachments, removing types such as SVG and PDF that can carry embedded script. Check the content of an upload as well as its name, since a file with an allowed extension can still contain markup.
- Enforce Content Security Policy (CSP): IT and security policy should prevent users from disabling browser security features, CSP in particular, on production workstations, and attachment responses should carry a restrictive CSP of their own so that there is nothing for the browser to execute even if it does render the file. User education matters because social engineering is the step that gets the victim to weaken the browser.
- Utilize RESTful Access: Rather than opening annotation attachments in a browser tab, users should retrieve them through direct REST API requests and save the bytes to disk. The vulnerability fires only when the browser renders the attachment, so fetching the file without rendering it sidesteps the problem.
- Audit User Privileges: Regularly audit which accounts hold "Annotate" access rights and grant them only to trusted users. This limits the number of accounts that could be used to plant a malicious attachment.
- Network Segmentation: As a general best practice, control system networks and remote devices should be located behind firewalls and isolated from business networks to minimize their exposure.
- Secure Remote Access: When remote access is required, use secure methods such as Virtual Private Networks (VPNs), keeping in mind that a VPN is only as secure as the devices on each end and must itself be kept patched.
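The attack path described above relies on an attachment, such as an SVG, that carries script and is later rendered by a browser. The first three mitigations (extension allowlist, content check, restrictive CSP, download rather than render) can be enforced server-side. The following Python is an added illustration written for this article, not AVEVA or PI Web API code; the allowlist, the response headers and the sample uploads are all assumptions constructed for the example.

```python
"""Allowlist and response hardening for user-uploaded annotation attachments.

Added example, not AVEVA code. It applies three controls to constructed sample
uploads: an extension allowlist, a content check that catches mislabelled or
script-bearing files, and response headers that make the browser download an
attachment instead of rendering it.
"""
import re

# Assumed allowlist: raster images and plain text only. SVG, PDF and HTML are
# excluded because each can carry script that a browser or viewer will run.
ALLOWED_EXTENSIONS = {"png", "jpg", "jpeg", "gif", "txt", "csv"}

# Magic bytes for the binary types we accept; a file claiming .png must start with these.
MAGIC = {
    "png": b"\x89PNG\r\n\x1a\n",
    "jpg": b"\xff\xd8\xff",
    "jpeg": b"\xff\xd8\xff",
    "gif": b"GIF8",
}

# Markers of active content, checked case-insensitively in the leading bytes of
# text attachments so a "plain text" file cannot smuggle markup past the extension check.
ACTIVE_CONTENT = re.compile(
    rb"<\s*(script|svg|iframe|object|embed|html)\b|javascript\s*:|\bon[a-z]+\s*=",
    re.IGNORECASE,
)


def check_attachment(filename: str, data: bytes) -> tuple[bool, str]:
    """Return (accepted, reason) for an upload: extension, magic-byte and content checks."""
    name = filename.rsplit("/", 1)[-1].rsplit("\\", 1)[-1]
    if "." not in name:
        return False, "no extension"
    ext = name.rsplit(".", 1)[1].lower()
    if ext not in ALLOWED_EXTENSIONS:
        return False, f"extension .{ext} not allowed"
    if ext in MAGIC and not data.startswith(MAGIC[ext]):
        return False, f"content does not match .{ext} signature"
    if ext not in MAGIC and ACTIVE_CONTENT.search(data[:4096]):
        return False, "active content markers found in text attachment"
    return True, "ok"


def attachment_headers(filename: str, content_type: str) -> dict[str, str]:
    """Response headers that make the browser download an attachment rather than render it.

    Content-Disposition: attachment stops inline rendering, nosniff stops the browser
    from second-guessing the declared type, and the CSP leaves nothing executable even
    if some viewer renders the bytes as a document anyway.
    """
    safe_name = re.sub(r"[^A-Za-z0-9._-]", "_", filename)[:128] or "attachment"
    return {
        "Content-Type": content_type,
        "Content-Disposition": f'attachment; filename="{safe_name}"',
        "X-Content-Type-Options": "nosniff",
        "Content-Security-Policy": "default-src 'none'; sandbox",
        "Cache-Control": "no-store",
    }


# Constructed sample uploads (not real PI annotation data).
SAMPLES = {
    "trend.png": b"\x89PNG\r\n\x1a\n" + b"\x00" * 32,
    "note.txt": b"Pump 3 vibration elevated since 02:00",
    # An SVG carrying script is the kind of attachment the advisory's attack path relies on.
    "note.svg": b'<svg xmlns="http://www.w3.org/2000/svg"><script>alert(1)</script></svg>',
    # Script hidden behind an allowed extension; the magic-byte check rejects it.
    "chart.png": b"<html><script>alert(1)</script></html>",
    # Event handler in a "text" file that a careless viewer might render as HTML.
    "readme.txt": b'<img src=x onerror="alert(1)">',
}


def triage(samples=SAMPLES) -> dict[str, tuple[bool, str]]:
    """Run check_attachment over every constructed sample and return the verdicts."""
    return {name: check_attachment(name, data) for name, data in samples.items()}


if __name__ == "__main__":
    for name, (ok, why) in triage().items():
        print(f"{'ACCEPT' if ok else 'REJECT':6} {name:12} {why}")
    print(attachment_headers("note.svg", "image/svg+xml"))
```

Only the two benign samples pass; the SVG fails on extension, the mislabelled PNG on its missing signature, and the text file on its `onerror=` handler. The headers function is what the download path should return for every attachment regardless of type, so that a victim who does open a file in a browser gets a download prompt rather than a rendered page.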
AVEVA reported this vulnerability to CISA, and at the time of the advisories there were no known public exploits targeting it. The high attack complexity does not reduce the need for prompt mitigation: accounts with annotation rights are common in plant environments, and the fix is a straightforward patch.