PI AF Client 2018 SP3 Patch 5 - Release Notes
- Last UpdatedDec 04, 2025
- 3 minute read
- PI System
- PI Server 2018
- PI Server
Overview
PI AF Client 2018 SP3 Patch 5 (version 2.10.11.2717) consists of several tools that enable you to access data and perform certain administrative tasks in PI Asset Framework (AF), Data Archive, and PI Buffer subsystem. PI Network subsystems (PINS), PI System Explorer, PI Builder, and the AF SDK are included in a PI AF Client 2018 SP3 Patch 6 installation.
New features and enhancements
PI AF Client 2018 SP3 Patch 5 contains no new features or enhancements.
Resolved issues
The following table lists all resolved issues for PI AF Client 2018 SP3 Patch 5.
|
Product/Component |
WI / PLI |
Description |
|---|---|---|
|
Asset Framework |
27763 |
XML import fails to complete for templated analyses |
Known issues
The following items are known issues:
-
If you are using PI Asset Framework to store complex types in AFValue and ExtendedProperties, some functionality may be lost initially on upgrade. This can be remediated by setting enableBinaryFormatter to ‘True’ in the AFSDK.config on PI Clients.
Note: The 'enableBinaryFormatter' setting is discouraged.
-
The AFElement.GetAttributeValues and AFEventFrame.GetAttributeValues methods allow an optional WindowsIdentity/ClaimsIdentity to be passed in so that a service, using a trusted subsystem model, can evaluate access for the specified user identity. However, if the service is not mapped to the Administrator Identity on the PI Asset Framework server, the identity parameters are ignored, and the attributes and data are returned with the access rights of the caller (the trusted subsystem). This may result in granting Read Data privilege on attributes for end users. The work around is to run the trusted subsystem service with admin rights on the PI System. This issue only affects applications that are trying to impersonate calls to users, such as the PI RTQP Engine.
Refer to the AVEVA Customer Portal Products page for a complete list of known issues.
Security information and guidance
We are committed to releasing secure products. This section is intended to provide relevant security-related information to guide your installation or upgrade decision.
We proactively disclose aggregate information about the number and severity of security vulnerabilities addressed in each release. The tables below provide an overview of security issues addressed and their relative severity based on standard scoring.
Vulnerabilities Fixed in this Release
The following table lists the number of fixed vulnerabilities by severity category and CVSS base score range.
|
Severity Category |
CVSS Base Score Range |
Number of Fixed Vulnerabilities in this Release |
|---|---|---|
|
Critical |
9.0 - 10 |
0 |
|
High |
7.0 - 8.9 |
1 |
|
Medium |
4.0 - 6.9 |
0 |
|
Low |
0 - 3.9 |
0 |
Vulnerabilities Mitigated in this Release
In this release, additional security protections have been implemented, including the disabling of the BinaryFormatter. It is recommended to avoid using the enableBinaryFormatter setting.
The following table provides details on the specific vulnerabilities mitigated in this release, along with the corresponding component, version, CVE or reference, CVSS score, and the mitigation applied.
|
Component |
Version |
CVE or Reference |
CVSS |
Mitigation |
|---|---|---|---|---|
|
SQLite |
3.43.0 |
CVE-2023-7104 |
7.3 |
Vulnerable code is not in execution path. The session extension of SQLite is not utilized. |
|
SQLite |
3.43.0 |
CVE-2024-0232 |
5.5 |
Vulnerable code is not in execution path. JSON parsing capability of SQLite is not utilized. |
Distribution kits
|
Product |
Software Version |
|---|---|
|
Microsoft Visual C++ 2015-2022 Redistributables (x86 and x64) |
14.34.31938.3 |
|
Microsoft VSTO 2010 Runtime |
10.0.60724 |
|
PI Buffer Subsystem |
4.9.0.37 |
|
PI Network Subsystem |
3.4.450.165 |
|
PI AF Client |
2.10.11.2717 |
|
PI Builder |
2.10.11.2717 |
©2024 AVEVA Group plc and its subsidiaries. All rights reserved.