PI AF Client 2023 Patch 2 release notes
- Last UpdatedDec 04, 2025
- 3 minute read
- PI System
- PI Server 2024 R2
- PI Server
Overview
PI AF Client 2023 Patch 2 (version 3.0.2.5) consists of several tools that enable you to access data and perform certain administrative tasks in PI Asset Framework (AF), Data Archive, and PI Buffer subsystem. PI Network subsystems (PINS), PI System Explorer, PI Builder, and the AF SDK are included in a PI AF Client 2023 Patch 2 installation.
New features and enhancements
PI AF Client 2023 Patch 2 contains no new features or enhancements.
Resolved issues
The following table lists all resolved issues for PI AF Client 2023.
|
Product/Component |
WI / PLI |
Description |
|---|---|---|
|
Asset Framework |
100331 |
PI Server Authentication Modes list gets in bad state when used by multiple threads. |
Known issues
The following items are known issues:
-
If you are using PI Asset Framework to store complex types in AFValue and ExtendedProperties, some functionality may be lost initially on upgrade. This can be remediated by setting enableBinaryFormatter to ‘True’ in the AFSDK.config on PI Clients.
Note: The 'enableBinaryFormatter' setting is discouraged.
-
In Asset Framework, the Get Attribute Values method for elements (AFElement.GetAttributeValues) and event frames (AFEventFrame.GetAttributeValues) allow an optional WindowsIdentity/ClaimsIdentity to be passed in so that a service, using a trusted subsystem model, can evaluate access for the specified user identity. However, if the service is not running with PI System administration rights, the identity parameters are ignored, and the attributes and data are returned with the access rights of the caller (the trusted subsystem). This may result in granting Read Data privilege to the attributes to the end-user.
The work around is to run the trusted subsystem service with admin rights on the PI System. This issue only affects applications that are trying to impersonate calls to users, such as the PI SQL Data Access Server (Real-Time Query Processing Engine).
Refer to the AVEVA Customer Portal Products page for a complete list of known issues.
Security information and guidance
We are committed to releasing secure products. This section is intended to provide relevant security-related information to guide your installation or upgrade decision.
We proactively disclose aggregate information about the number and severity of security vulnerabilities addressed in each release. The tables below provide an overview of security issues addressed and their relative severity based on standard scoring.
Vulnerabilities Fixed in this Release
The following table lists the number of fixed vulnerabilities by severity category and CVSS base score range.
|
Severity Category |
CVSS Base Score Range |
Number of Fixed Vulnerabilities in this Release |
|---|---|---|
|
Critical |
9.0 - 10 |
0 |
|
High |
7.0 - 8.9 |
0 |
|
Medium |
4.0 - 6.9 |
0 |
|
Low |
0 - 3.9 |
0 |
Vulnerabilities Mitigated in this Release
The following table lists the vulnerabilities mitigated in this release. In addition, additional security protection was added that disables use of the BinaryFormatter. The 'enableBinaryFormatter' setting should be discouraged.
|
Component |
Version |
CVE or Reference |
CVSS |
Mitigation |
|---|---|---|---|---|
|
Microsoft.IdentityModel.JsonWebTokens |
6.19.0 |
CVE-2024-21319 |
6.8 |
This application is not affected by this vulnerability. |
|
System.IdentityModel.Tokens.Jwt |
6.19.0 |
CVE-2024-21319 |
6.8 |
This application is not affected by this vulnerability. |
Distribution kits
|
Product |
Software Version |
|---|---|
|
Microsoft Visual C++ 2015-2022 Redistributables (x86 and x64) |
14.36.32532.0 |
|
Microsoft VSTO 2010 Runtime |
10.0.60910 |
|
PI Buffer Subsystem |
4.9.0.37 |
|
PI Network Subsystem |
3.5.500.617 |
|
PI AF Client |
3.0.2.5 |
|
PI Builder |
3.0.2.5 |
©2024 AVEVA Group plc and its subsidiaries. All rights reserved.