Release 1.0.0
- Last UpdatedMar 27, 2026
- 2 minute read
- Developer
Overview
This is the initial release of PI OPC UA Server. The server manages the communication between any OPC UA client and PI Server using the OPC UA protocol.
New features and enhancements
Please refer to the Welcome to the AVEVA™ PI OPC UA Server for all descriptions of available features and processes. There are no enhancements as this is the initial release.
Resolved issues
There are no resolved issues for this release.
Known issues
There are no known issues for this release.
Security information and guidance
We are committed to releasing secure products. This section is intended to provide relevant security-related information to guide your installation or upgrade decision.
We proactively disclose aggregate information about the number and severity of security vulnerabilities addressed in each release. The information below provide an overview of security issues addressed and their relative severity based on standard scoring.
Vulnerabilities mitigated
The following table provides details on the specific vulnerabilities mitigated in this release, along with the corresponding component, version, CVE or reference, CVSS score, and the mitigation applied.
|
Component |
Version |
CVE or Reference |
CVSS |
Mitigation |
|---|---|---|---|---|
|
SQLite |
3.46.1 |
CVE-2025-7709 |
7.3 |
Vulnerable code not in execution path. Free-text search is not enabled. |
|
SQLite |
3.46.1 |
CVE-2025-29087 |
7.1 |
Vulnerable code not in execution path. No concatenation functions are used. |
|
SQLite |
3.46.1 |
CVE-2025-29088 |
7.1 |
Vulnerable code cannot be controlled by adversary. Configuration functions are not accessible. |
|
SQLite |
3.46.1 |
CVE-2025-3277 |
7.1 |
Vulnerable code not in execution path. No concatenation functions are used. |
|
SQLite |
3.46.1 |
CVE-2025-6965 |
6.5 |
Vulnerable code not in execution path. No aggregate queries are used. |
|
SQLite |
3.46.1 |
CVE-2025-70873 |
6.7 |
Vulnerable code not present. The zipfile extension is not used. |
|
Microsoft.AspNetCore.Authentication.Negotiate |
8.0.24 |
CVE-2026-26130 |
6.5 |
Vulnerable code not in execution path. No SOAP web services are enabled. |
|
Microsoft.AspNetCore.Authentication.Negotiate |
8.0.24 |
BDSA-2025-54155 |
4.2 |
Vulnerable code not in execution path. SignalR is not used. |
|
System.DirectoryServices.Protocols |
9.0.0 |
CVE-2025-21173 |
6.4 |
Vulnerable code not in execution path. LDAP is not enabled. |
|
System.DirectoryServices.Protocols |
9.0.0 |
CVE-2025-55248 |
4.2 |
Vulnerable code not in execution path. LDAP is not enabled. |
|
System.DirectoryServices.Protocols |
9.0.0 |
CVE-2025-55247 |
6.4 |
Vulnerable code not in execution path. LDAP is not enabled. |
|
System.DirectoryServices.Protocols |
9.0.0 |
CVE-2025-26646 |
7.0 |
Vulnerable code not in execution path. LDAP is not enabled. |
|
System.DirectoryServices.Protocols |
9.0.0 |
CVE-2026-21218 |
6.5 |
Vulnerable code not in execution path. LDAP is not enabled. |
|
System.DirectoryServices.Protocols |
9.0.0 |
CVE-2026-26127 |
6.5 |
Vulnerable code not in execution path. LDAP is not enabled. |
Distribution kits
This table lists the exact versions included in the distribution kits. Use these numbers to confirm what was installed, plan safe upgrades, and share precise component versions during troubleshooting.
|
Product |
Software version |
|---|---|
|
AVEVA PI OPC UA Server 1.0.0 |
1.0.0.1645 |
|
AVEVA Operations Control Logger |
23.4.1 |
|
AVEVA Platform Common Services |
8.2.25264.1 |
|
PI Network Subsystem |
3.5.510.290 |
|
PI AF Client 2024 R2 |
3.1.1.1182 |
|
PI Buffer Subsystem 2018 SP2 Patch 2 |
4.9.0.37 |
|
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.42.34438 |
14.42.34438.0 |
|
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.42.34438 |
14.42.34438.0 |