top of page
perceptive_background_267k.jpg

The vulnerability, if exploited, could allow an authenticated miscreant
(OS standard user) to tamper with TCL Macro scripts and escalate
privileges to OS syst…

Published:

15 January 2026 at 23:00:00

Alert date:

16 January 2026 at 16:17:23

Source:

nvd.nist.gov

Click to open the original link from this advisory

Critical Infrastructure, Enterprise Applications

CVE-2025-64691 is a privilege escalation vulnerability affecting AVEVA software that allows authenticated OS standard users to tamper with TCL Macro scripts. Successful exploitation enables privilege escalation to OS system level, potentially resulting in complete compromise of the model application server. The vulnerability affects industrial control systems and requires authentication but can lead to full system compromise. CISA has issued an advisory (ICSA-26-015-01) regarding this vulnerability. The issue impacts AVEVA's industrial software solutions used in operational technology environments.

Technical details

Mitigation steps:

Affected products:

AVEVA

Related links:

https://nvd.nist.gov/vuln/detail/CVE-2025-64691
https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-015-01.json
https://softwaresupportsp.aveva.com/en-US/downloads/products/details/a643eaa3-0d85-4fde-ac11-5239e87a68ea
https://www.aveva.com/en/support-and-success/cyber-security-updates/
https://www.cisa.gov/news-events/ics-advisories/icsa-26-015-01

Related CVE's:

Related threat actors:

IOC's:

This article was created with the assistance of AI technology by Perceptive.

About us

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

Disclaimer: Deze website toont informatie afkomstig van externe bronnen. Perceptive aanvaardt geen verantwoordelijkheid voor de inhoud, juistheid of volledigheid van deze informatie.

bottom of page