top of page
perceptive_background_267k.jpg

The Process Optimization application suite leverages connection
channels/protocols that by-default are not encrypted and could become
subject to hijacking or …

Published:

15 januari 2026 om 23:00:00

Alert date:

16 januari 2026 om 17:05:17

Source:

nvd.nist.gov

Click to open the original link from this advisory

Critical Infrastructure, Enterprise Applications

CVE-2025-64769 affects the Process Optimization application suite which uses unencrypted connection channels and protocols by default. This vulnerability exposes the system to hijacking and data leakage through man-in-the-middle attacks and passive inspection scenarios. The vulnerability appears to be related to AVEVA software based on the support links provided. The lack of encryption in communication channels creates significant security risks for industrial control systems and process optimization environments.

Technical details

Mitigation steps:

Affected products:

Process Optimization application suite

Related links:

https://nvd.nist.gov/vuln/detail/CVE-2025-64769
https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-015-01.json
https://softwaresupportsp.aveva.com/en-US/downloads/products/details/a643eaa3-0d85-4fde-ac11-5239e87a68ea
https://www.aveva.com/en/support-and-success/cyber-security-updates/
https://www.cisa.gov/news-events/ics-advisories/icsa-26-015-01

Related CVE's:

Related threat actors:

IOC's:

This article was created with the assistance of AI technology by Perceptive.

About us

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

Deze website toont informatie afkomstig van externe bronnen; Perceptive aanvaardt geen verantwoordelijkheid voor de juistheid, volledigheid of actualiteit van deze informatie.

bottom of page