AVEVA Adapter for BACnet Module 1.2 release notes
- Last UpdatedJan 29, 2026
- 3 minute read
- PI System
- Adapter for BACnet 1.2
- Adapters
AVEVA Adapter for BACnet Module 1.2, released March 2024, is the containerized version of the adapter that can be deployed using Edge Management on CONNECT data services. It offers the same capabilities as the adapter that is available for installation directly on the device.
The 1.2 Module release uses Version 1.2.0.158 of the BACnet adapter, Version 1.8.1.62 of the Adapter Framework, Version 1.1.1.19 of the Edge Module Manager, and Version 3.18.4 of Alpine Linux.
For more information on product features and functions, refer to the following sections:
-
Prerequisites and system requirements
-
Installation/uninstallation instructions
refer to AVEVA Adapter for BACnet.
The latest information about the 1.2 release is available online on the AVEVA Documentation Portal.
New features and enhancements
The following items were added in this release:
-
Support for client-level failover for AVEVA Adapter for BACnet Module
Fixes and enhancements
This updated release contains adapter framework updates.
Resolved issues
No open issues were resolved in this release.
Known issues
There are no known issues for this release.
Security information and guidance
We are committed to releasing secure products. This section is intended to provide relevant security-related information to guide your installation or upgrade decision.
We proactively disclose aggregate information about the number and severity of security vulnerabilities addressed in each release. The tables below provide an overview of security issues addressed and their relative severity based on standard scoring.
No security-related information is applicable to this release.
Overview of new vulnerabilities found or fixed
This section is intended to provide relevant security-related information to guide your installation or upgrade decision. AVEVA is proactively disclosing aggregate information about the number and severity of AVEVA Adapter for BACnet Module security vulnerabilities that are fixed in this release.
Security vulnerabilities fixed in AVEVA Adapter for BACnet Edge Module 1.2 release
This is the first release of the AVEVA Adapter for BACnet Edge Module. The information below applies to vulnerabilities fixed in the AVEVA Adapter for BACnet, which is included in this release.
|
Severity Category |
CVSS Base Score Range |
Number of Fixed Vulnerabilities |
|---|---|---|
|
Critical |
9 - 10 |
0 |
|
High |
7.0 - 8.9 |
1 |
|
Medium |
4.0 - 6.9 |
0 |
|
Low |
0 - 3.9 |
0 |
Vulnerability Mitigations in AVEVA Adapter for BACnet Edge Module 1.2 Release
The following vulnerabilities were identified in AVEVA Adapter for BACnet Edge Module 1.2 Release.
|
Component |
Version |
CVE or Reference |
CVSS |
Mitigation |
|---|---|---|---|---|
|
zlib |
1.2.13 |
CVE-2023-45853 (https://nvd.nist.gov/vuln/detail/CVE-2023-45853) |
9.8 |
Vulnerability is not applicable: The AVEVA Adapter for BACnet Module's utilization of zlib through the .NET 6 Framework does not expose this vulnerability. |
|
OpenSSL |
3.1.4 |
CVE-2023-6129 (https://nvd.nist.gov/vuln/detail/CVE-2023-6129) |
6.5 |
Vulnerability is not applicable: The AVEVA Adapter for BACnet Module is not affected by this vulnerability. |
|
OpenSSL |
3.1.4 |
CVE-2024-0727 (https://nvd.nist.gov/vuln/detail/CVE-2024-0727) |
5.5 |
Vulnerability is not reachable: This vulnerability relies on application loading malformed PKCS12 file from disk since edge module's file system can be accessed only by administrators this is considered as low risk. |
|
OpenSSL |
3.1.4 |
BDSA-2024-0082 |
5.5 |
Vulnerability is not applicable: This vulnerability is not exposed by the use of OpenSSL in AVEVA Adapter for BACnet Module. |
|
krb5 |
1.20.1 |
CVE-2023-36054 (https://nvd.nist.gov/vuln/detail/CVE-2023-36054) |
6.5 |
Vulnerability is not applicable: The AVEVA Adapter for BACnet Module is not affected by this vulnerability. |
|
busybox |
1.36.1 |
CVE-2023-42363 (https://nvd.nist.gov/vuln/detail/CVE-2023-42363) |
6.1 |
Vulnerability is not applicable: The AVEVA Adapter for BACnet Module is not affected by this vulnerability. |
|
busybox |
1.36.1 |
CVE-2023-42364 (https://nvd.nist.gov/vuln/detail/CVE-2023-42364) |
6.1 |
Vulnerability is not applicable: The AVEVA Adapter for BACnet Module is not affected by this vulnerability. |
|
busybox |
1.36.1 |
CVE-2023-42365 (https://nvd.nist.gov/vuln/detail/CVE-2023-42365) |
6.1 |
Vulnerability is not applicable: The AVEVA Adapter for BACnet Module is not affected by this vulnerability. |
|
busybox |
1.36.1 |
CVE-2023-42366 (https://nvd.nist.gov/vuln/detail/CVE-2023-42366) |
6.1 |
Vulnerability is not applicable: The AVEVA Adapter for BACnet Module is not affected by this vulnerability. |
|
busybox |
1.36.1 |
CVE-2022-48174 (https://nvd.nist.gov/vuln/detail/CVE-2022-48174) |
6.7 |
Vulnerability is not applicable: The AVEVA Adapter for BACnet Module is not affected by this vulnerability. |
|
JSON Web Token Handler For the Microsoft .Net Framework 4.5 |
5.6.0 |
CVE-2024-21319 (https://nvd.nist.gov/vuln/detail/CVE-2024-21319) |
6.8 |
Microsoft has provided the following explanation: "The attacker must have access to the public encrypt key registered with the IDP(Entra ID) for successful exploitation." https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21319 Edge Module authentication occurs server-side and does not expose the public encryption key to a client. |
|
azure-activedirectory-identitymodel-extensions-for-dotnet |
5.6.0 |
CVE-2024-21319 (https://nvd.nist.gov/vuln/detail/CVE-2024-21319) |
6.8 |
Microsoft provided the following explanation: "The attacker must have access to the public encrypt key registered with the IDP(Entra ID) for successful exploitation." https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21319 Edge Module authentication occurs server-side and does not expose the public encryption key to a client. |