PatchSiren cyber security CVE debrief
CVE-2025-64769 AVEVA CVE debrief
CVE-2025-64769 affects AVEVA Process Optimization and was publicly disclosed in CISA advisory ICSA-26-015-01 on 2026-01-15. The advisory says the application suite uses connection channels/protocols that are, by default, not encrypted and may be subject to hijacking or data leakage in certain man-in-the-middle or passive inspection scenarios. AVEVA and CISA list product updates and network/host hardening steps to reduce exposure.
- Vendor: AVEVA
- Product: Process Optimization
- CVSS: HIGH 7.1
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2026-01-15
- Original CVE updated: 2026-01-15
- Advisory published: 2026-01-15
- Advisory updated: 2026-01-15
Who should care
Organizations running AVEVA Process Optimization, especially OT/industrial environments where the product is reachable across shared, routed, or otherwise untrusted networks. Operators, OT administrators, network/security teams, and anyone responsible for Process Optimization project files or service access controls should review this advisory.
Technical summary
The source advisory describes a communications security weakness: default Process Optimization connection channels/protocols are not encrypted, which can allow sensitive traffic to be observed or potentially interfered with under man-in-the-middle or passive inspection conditions. The supplied CVSS vector (AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L) and score (7.1) indicate meaningful confidentiality and integrity impact, with some availability impact, while also indicating that exploitation conditions are not trivial. The vendor-recommended remediation is to update to AVEVA Process Optimization v2025 and/or restrict access with host/network firewall rules, limit write access to installation and data folders, and maintain trusted custody of project files.
Defensive priority
High. Prioritize if the product is used in production OT networks, if traffic can traverse shared segments, or if project files and service ports are reachable beyond tightly controlled trusted hosts. The advisory’s mitigation options are straightforward and should be applied quickly.
Recommended defensive actions
- Update to AVEVA Process Optimization v2025 using the vendor-provided download path referenced in the advisory.
- Restrict taoimr service traffic with host and/or network firewall rules so only trusted sources can connect.
- Apply ACLs to installation and data folders so only trusted users have write access.
- Maintain a trusted chain-of-custody for Process Optimization project files during creation, modification, distribution, backups, and use.
- Review the AVEVA security bulletin AVEVA-2026-001 and the installation guide for port configuration details.
Evidence notes
All substantive statements in this debrief are drawn from the supplied CISA CSAF source item and its embedded remediation guidance. The advisory explicitly states that default connection channels/protocols are not encrypted and may be exposed to hijacking or data leakage in man-in-the-middle or passive inspection scenarios. The source metadata also provides the CVSS 3.1 vector AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L and score 7.1, plus the vendor remediation path to update to AVEVA Process Optimization v2025 and to harden access with firewall rules, ACLs, and file custody controls. No additional exploitation details were used.
Official resources
- CVE-2025-64769 CVE record (CVE.org)
- CVE-2025-64769 NVD detail (NVD)
- Source item URL (cisa_csaf)
Publicly disclosed by CISA in ICSA-26-015-01 on 2026-01-15, which the source item identifies as an initial republication of AVEVA-2026-001.