Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2026-1495

Summary
Assigner-icscert
Assigner Org ID-7d14cffa-0d7d-4270-9dc0-52cabd5a23a6
Published At-10 Feb, 2026 | 20:18
Updated At-12 Feb, 2026 | 18:46
Rejected At-
Credits

Insertion of Sensitive Information into Log File vulnerability in AVEVA PI to CONNECT Agent

The vulnerability, if exploited, could allow an attacker with Event Log Reader (S-1-5-32-573) privileges to obtain proxy details, including URL and proxy credentials, from the PI to CONNECT event log files. This could enable unauthorized access to the proxy server.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:icscert
Assigner Org ID:7d14cffa-0d7d-4270-9dc0-52cabd5a23a6
Published At:10 Feb, 2026 | 20:18
Updated At:12 Feb, 2026 | 18:46
Rejected At:
▼CVE Numbering Authority (CNA)
Insertion of Sensitive Information into Log File vulnerability in AVEVA PI to CONNECT Agent

The vulnerability, if exploited, could allow an attacker with Event Log Reader (S-1-5-32-573) privileges to obtain proxy details, including URL and proxy credentials, from the PI to CONNECT event log files. This could enable unauthorized access to the proxy server.

Affected Products
Vendor
AVEVAAVEVA
Product
PI to CONNECT Agent
Default Status
unaffected
Versions
Affected
  • From 0 through Version v2.4.2520 (custom)
Problem Types
TypeCWE IDDescription
CWECWE-532CWE-532 Insertion of Sensitive Information into Log File
Type: CWE
CWE ID: CWE-532
Description: CWE-532 Insertion of Sensitive Information into Log File
Metrics
VersionBase scoreBase severityVector
3.16.5MEDIUM
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
4.05.7MEDIUM
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:L/SI:N/SA:L
Version: 3.1
Base score: 6.5
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
Version: 4.0
Base score: 5.7
Base severity: MEDIUM
Vector:
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:L/SI:N/SA:L
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

AVEVA recommends that organizations evaluate the impact of this vulnerability based on their operational environment, architecture, and product implementation.  * Users of affected product versions should apply security updates to mitigate the risk of proxy details exposure in newly generated PI to CONNECT Agent event logs.  * Users who have used affected product versions, should review existing PI to CONNECT Agent event logs (live/backups/copies) for exposed proxy connection details and consider purging the sensitive data from logs and/or configuring new credentials for access to the proxy service. The following general defensive measures are recommended:  * Remove use of plain text passwords in proxy URLs. Alternatively, if passwords are required by the proxy, then use least-privilege credentials.  * Ensure only trusted users are given Event Log Reader (S-1-5-32-573) privileges on hosts where PI to CONNECT is installed.  * Review existing PI to CONNECT event logs (live/backups/copies) for exposed proxy connection details and consider purging the sensitive data from logs and/or configuring new credentials for access to the proxy service. All affected versions can be fixed by upgrading to PI to CONNECT Agent v2.5.2790 or higher. The latest version of the agent can be downloaded from the CONNECT Data Services Portal here: [ https://www.aveva.com/content/dam/aveva/documents/support/cyber-security-updates/SecurityBulletin_AVEVA-2026-003.pdf .

Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.cisa.gov/news-events/ics-advisories/icsa-26-041-04
government-resource
Hyperlink: https://www.cisa.gov/news-events/ics-advisories/icsa-26-041-04
Resource:
government-resource
▼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:ics-cert@hq.dhs.gov
Published At:10 Feb, 2026 | 21:16
Updated At:10 Feb, 2026 | 21:51

The vulnerability, if exploited, could allow an attacker with Event Log Reader (S-1-5-32-573) privileges to obtain proxy details, including URL and proxy credentials, from the PI to CONNECT event log files. This could enable unauthorized access to the proxy server.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary4.05.7MEDIUM
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:L/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Secondary3.16.5MEDIUM
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
Type: Secondary
Version: 4.0
Base score: 5.7
Base severity: MEDIUM
Vector:
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:L/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Type: Secondary
Version: 3.1
Base score: 6.5
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
CPE Matches
Weaknesses
CWE IDTypeSource
CWE-532Primaryics-cert@hq.dhs.gov
CWE ID: CWE-532
Type: Primary
Source: ics-cert@hq.dhs.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://www.cisa.gov/news-events/ics-advisories/icsa-26-041-04ics-cert@hq.dhs.gov
N/A
Hyperlink: https://www.cisa.gov/news-events/ics-advisories/icsa-26-041-04
Source: ics-cert@hq.dhs.gov
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

8Records found
CVE-2022-41553
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.05% / 14.12%
||
7 Day CHG~0.00%
Published-01 Nov, 2022 | 02:11
Updated-05 May, 2025 | 14:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Information Exposure Vulnerability in Hitachi Infrastructure Analytics Advisor, Hitachi Ops Center Analyzer

Insertion of Sensitive Information into Temporary File vulnerability in Hitachi Infrastructure Analytics Advisor on Linux (Analytics probe component), Hitachi Ops Center Analyzer on Linux (Hitachi Ops Center Analyzer probe component) allows local users to gain sensitive information. This issue affects Hitachi Infrastructure Analytics Advisor: from 2.0.0-00 through 4.4.0-00; Hitachi Ops Center Analyzer: from 10.0.0-00 before 10.9.0-00.

Action-Not Available
Vendor-Linux Kernel Organization, IncHitachi, Ltd.
Product-infrastructure_analytics_advisorlinux_kernelops_center_analyzerHitachi Infrastructure Analytics AdvisorHitachi Ops Center Analyzer
CWE ID-CWE-532
Insertion of Sensitive Information into Log File
CVE-2024-3744
Matching Score-4
Assigner-Kubernetes
ShareView Details
Matching Score-4
Assigner-Kubernetes
CVSS Score-6.5||MEDIUM
EPSS-0.03% / 8.25%
||
7 Day CHG~0.00%
Published-15 May, 2024 | 00:42
Updated-13 Feb, 2025 | 18:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Kubernetes azure-file-csi-driver in versions before 1.29.4 and 1.30.1 discloses service account tokens in logs

A security issue was discovered in azure-file-csi-driver where an actor with access to the driver logs could observe service account tokens. These tokens could then potentially be exchanged with external cloud providers to access secrets stored in cloud vault solutions. Tokens are only logged when TokenRequests is configured in the CSIDriver object and the driver is set to run at log level 2 or greater via the -v flag.

Action-Not Available
Vendor-Kubernetes
Product-azure-file-csi-driver
CWE ID-CWE-532
Insertion of Sensitive Information into Log File
CVE-2023-3335
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.10% / 27.84%
||
7 Day CHG~0.00%
Published-03 Oct, 2023 | 01:02
Updated-02 Aug, 2024 | 06:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Information Exposure Vulnerability in Hitachi Ops Center Administrator

Insertion of Sensitive Information into Log File vulnerability in Hitachi Ops Center Administrator on Linux allows local users  to gain sensitive information.This issue affects Hitachi Ops Center Administrator: before 10.9.3-00.

Action-Not Available
Vendor-Linux Kernel Organization, IncHitachi, Ltd.
Product-ops_center_administratorlinux_kernelHitachi Ops Center Administrator
CWE ID-CWE-532
Insertion of Sensitive Information into Log File
CVE-2023-2878
Matching Score-4
Assigner-Kubernetes
ShareView Details
Matching Score-4
Assigner-Kubernetes
CVSS Score-6.5||MEDIUM
EPSS-0.07% / 20.94%
||
7 Day CHG~0.00%
Published-07 Jun, 2023 | 14:35
Updated-13 Feb, 2025 | 17:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Kubernetes secrets-store-csi-driver discloses service account tokens in logs

Kubernetes secrets-store-csi-driver in versions before 1.3.3 discloses service account tokens in logs.

Action-Not Available
Vendor-Kubernetes
Product-secrets-store-csi-driversecrets-store-csi-driver
CWE ID-CWE-532
Insertion of Sensitive Information into Log File
CVE-2025-7445
Matching Score-4
Assigner-Kubernetes
ShareView Details
Matching Score-4
Assigner-Kubernetes
CVSS Score-6.5||MEDIUM
EPSS-0.01% / 0.27%
||
7 Day CHG~0.00%
Published-05 Sep, 2025 | 02:31
Updated-05 Sep, 2025 | 17:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Kubernetes secrets-store-sync-controller discloses service account tokens in logs

Kubernetes secrets-store-sync-controller in versions before 0.0.2 discloses service account tokens in logs.

Action-Not Available
Vendor-Kubernetes
Product-secrets-store-sync-controller
CWE ID-CWE-532
Insertion of Sensitive Information into Log File
CVE-2025-5464
Matching Score-4
Assigner-Ivanti
ShareView Details
Matching Score-4
Assigner-Ivanti
CVSS Score-6.5||MEDIUM
EPSS-0.06% / 17.89%
||
7 Day CHG~0.00%
Published-08 Jul, 2025 | 15:32
Updated-15 Jul, 2025 | 12:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insertion of sensitive information into a log file in Ivanti Connect Secure before version 22.7R2.8 allows a local authenticated attacker to obtain that information.

Action-Not Available
Vendor-Ivanti Software
Product-connect_secureConnect Secure
CWE ID-CWE-532
Insertion of Sensitive Information into Log File
CVE-2022-48319
Matching Score-4
Assigner-Checkmk GmbH
ShareView Details
Matching Score-4
Assigner-Checkmk GmbH
CVSS Score-6.5||MEDIUM
EPSS-0.06% / 19.79%
||
7 Day CHG~0.00%
Published-20 Feb, 2023 | 16:56
Updated-12 Mar, 2025 | 14:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Host secret disclosed in Checkmk logs

Sensitive host secret disclosed in cmk-update-agent.log file in Tribe29's Checkmk <= 2.1.0p13, Checkmk <= 2.0.0p29, and all versions of Checkmk 1.6.0 (EOL) allows an attacker to gain access to the host secret through the unprotected agent updater log file.

Action-Not Available
Vendor-tribe29 GmbHCheckmk GmbH
Product-checkmkCheckmk
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CWE ID-CWE-532
Insertion of Sensitive Information into Log File
CVE-2024-6977
Matching Score-4
Assigner-Cato Networks
ShareView Details
Matching Score-4
Assigner-Cato Networks
CVSS Score-6.5||MEDIUM
EPSS-0.03% / 6.67%
||
7 Day CHG~0.00%
Published-31 Jul, 2024 | 16:56
Updated-27 Aug, 2024 | 15:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cato Networks Windows SDP Client Sensitive data in trace logs can lead to account takeover

A vulnerability in Cato Networks SDP Client on Windows allows the insertion of sensitive information into the log file, which can lead to an account takeover. However, the attack requires bypassing protections on modifying the tunnel token on a the attacker's system.This issue affects SDP Client: before 5.10.34.

Action-Not Available
Vendor-catonetworksCato Networks
Product-cato_clientSDP Client
CWE ID-CWE-532
Insertion of Sensitive Information into Log File
Details not found