2023 SP1 Patch 2 Release Notes
- Last UpdatedNov 18, 2025
- 6 minute read
Overview
AVEVA PI Vision 2023 SP1 Patch 2 (version 3.9.2.0) is a web server-based product that allows you to visualize, assess, and monitor PI System data using any modern web browser.
AVEVA PI Vision 2023 SP1 Patch 2 is a next-generation display editing application, providing symbol absolute sizing and positioning, support for geometric shapes and images, and control over colors and configuration of symbols. This version extends the modern, claims-based authentication via OpenID Connect to the PI Vision administration site and utilities.
PI Vision 2023 SP1 Patch 2 Changes
PI Vision 2023 SP1 Patch 2 fixes additional issues that were discovered in PI Vision 2023 SP1. See Fixes below.
PI Vision 2023 SP1 Patch 1 Changes
PI Vision 2023 SP1 Patch 1 fixes issues that were discovered in PI Vision 2023 SP1. These issues include:
-
PI Vision returns "No Data" for PI Point data references with 2 or more attribute-value substitution parameters
-
Some Microsoft identity model assemblies have a vulnerability reported in CVE-2024-2139 (https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21319)
New features and enhancements in PI Vision 2023 SP1
-
Modern authentication
The 2023 releases deliver modern, claims-based authentication via OpenID Connect for AVEVA PI Server, AVEVA PI Vision, AVEVA PI DataLink, and the PI Web API. Modern authentication can enable a single sign-on experience, making it easier to securely manage resources and users across your enterprise. To take advantage of modern authentication in AVEVA PI Vision, you will first need to configure modern authentication for AVEVA PI Server 2023.
AVEVA PI Vision 2023 SP1 extends modern authentication capabilities to the entire PI Vision application, enabling new architectures such as support for non-domain PI Vision servers and the ability to support Kerberos-free configurations. The capabilities included in this release provide modern, claims-based authentication via OpenID Connect to the PI Vision administration site and utilities. There is also support for the application pools to authenticate to the PI data servers using OpenID Connect.
Modern authentication for AVEVA PI Vision 2023 SP1 is optional. Authentication with Windows Integrated Security (WIS) remains available.
-
Advanced tag search
This feature allows users to filter tag searches on specific tag attributes such as point source, engineering units, or point class so that they can quickly find data items to visualize. Additional enhancements to the tag search include showing the description alongside the tag name, filtering tags based on their current values, and viewing the current tag values.
Other changes
-
PI COM Connectors support
This release no longer supports PI COM Connectors. This feature was removed from PI Data Archive 2018 SP3 Patch 1 (3.4.435.604) due to security enhancements made in that version.
Fixes
The following items were resolved in PI Vision 2023 SP1 Patch 2:
|
WI/PLI |
Description |
|---|---|
|
PI Vision intermittently returns "No Data" and the error "Collection was modified." |
|
|
PI Vision symbols for indirect PI Point data references intermittently show "No Data" or bad multi-state. |
|
|
When the value symbol's text alignment is set to right or center, issues occur. |
|
|
The Display Utility does not substitute data sources or event search criteria in Event Comparison displays. |
|
|
Query depth error message is not returned correctly for indirect PI Point data reference. |
|
|
Events Table with a "Timebar duration" time range does not update when zooming on a Trend symbol. |
|
|
Shared characters between Japanese and Chinese always appear in Japanese font. |
|
|
Migrated Processbook displays with right-aligned value symbols are marked dirty upon opening. |
|
|
N/A |
PI Vision loads custom library scripts after custom symbol scripts. |
The following items were resolved in PI Vision 2023 SP1 Patch 1:
|
WI/PLI |
Description |
|---|---|
|
652895 |
PI Vision returns "No Data" for PI Point data references with 2 or more attribute-value substitution parameters. |
The following items were resolved in PI Vision 2023 SP1:
|
WI/PLI |
Description |
|---|---|
|
382241 |
Cannot change PI Server using ServerMappingInfo in PI Vision API. |
|
48533 |
Child Event Frame Requests are limited to 1000 results and count is not configurable. |
|
176805 |
Loading indicator doesn't display when changing context. |
|
227899 |
Fit All state not activated when display is loaded. |
|
329993 |
Aligning on a non-first child event with the same name aligns on the first child with that name. |
|
351764 |
Event Frames with names using substitutions are not aligned correctly in PI Vision. |
|
357117 |
Importing deleted PI Vision displays into the same database they were exported from does not update navigation link display IDs. |
|
364523 |
PI Vision API does not allow updating display names. |
|
392032 |
Thumbnail generator is producing thumbnails too large for import. |
|
401890 |
Editing localized time abbreviation in time bar results in error for some languages in PI Vision. |
|
401915 |
External library files are not loaded if they are in subfolders of the libraries folder. |
|
402184 |
Events Table fails to set Reason code that contains "<" or ">" characters in its name. |
|
408785 |
Event frame 'Acknowledge' button missing on Event Details page in PI Vision. |
|
410613 |
The reason code editor in the event table is not properly displaying reason code hierarchy. |
|
415101 |
Custom time range shows incorrect value for some calculated time references in PI Vision. |
|
415237 |
PI Vision adds kiosk mode URL parameter to internal non-PI Vision URLs. |
|
417619 |
Events tool pane shows the wrong values for an event's referenced element. |
|
417934 |
Save button can be double clicked, prompting an error message. |
|
417938 |
Events Search Attribute Filter doesn't accept decimal and negative values. |
|
420941 |
PI Vision presents static behavior with dynamic attribute reference in Relative time Retrieval method. |
|
423188 |
AF attributes with a value type of Boolean do not trend correctly in PI Vision when the trend is set to use a Single Scale. |
|
452722 |
UserDisplayData and Usage tables grow indefinitely with no way to decrease their size or limit their growth. |
|
453105 |
Failure to log into the Admin site takes the user to the wrong page. |
|
453337 |
IIS can be configured to give a single domain user access to the PI Vision site. |
|
455122 |
Setting trace style to "None" does not change its appearance in Trend. |
|
455767 |
Utility endpoint does not log error when display attachment size is too large. |
|
456692 |
Displays with navigation links to self are not copied correctly in PI Vision Display Utility. |
|
456930 |
User cannot zoom out completely when viewing large displays on lower-resolution screens. |
|
475709 |
Cannot connect to PI Data Archive server through Admin site with only PIPOINT database table access granted to the Application Pool Identity. |
|
480840 |
PI Vision custom time range is not maintained for some relative time references using string month values. |
|
535881 |
Configuring context switching to show search results on display without AF attributes prevents display from populating asset drop down. |
|
613226 |
Owner column is blank when importing a PDIX file with the PI Vision Display Utility. |
|
613501 |
Administrator cannot favorite a private display. |
|
635887 |
PI Vision cannot find PI Points that use PI Data Archive alias name. |
|
645163 |
Boolean type AF attribute with a Digital tag PI Point data reference shows incorrect multi-state states. |
|
645247 |
Attributes with data type Int64 do not show in the Asset Attribute dropdown when configuring search criteria for an Asset Comparison table. |
|
645648 |
User with only World access can view hidden folders even when they do not grant read/write permission to World in PI Vision. |
|
645973 |
Events Table fails to "Apply Time Range." |
|
647910 |
"No database matches assets on display" error after using the Display Utility to map servers & databases. |
|
650488 |
PI Vision API AccessRights endpoint does not report current user's access rights. |
Known issues
Existing problems and enhancement requests can be reviewed in the OSIsoft Customer Portal. Refer to Knowledge Article 16600, How do I see Release Announcements, Alerts, Known Issues, and Knowledge Articles relating to my products?, for instructions on how to display a list of known issues.
Security information and guidance
We are committed to releasing secure products. This section is intended to provide relevant security-related information to guide your installation or upgrade decision.
We proactively disclose aggregate information about the number and severity of security vulnerabilities addressed in each release. The tables below provide an overview of security issues addressed and their relative severity based on standard scoring.
No new security vulnerabilities were identified or fixed in AVEVA PI Vision 2023 SP1. Known vulnerabilities and their mitigations for this release are listed in the following table:
|
Package Name |
Version |
CVE |
CVSS |
Mitigation |
|---|---|---|---|---|
|
jQuery Mobile |
1.3.2 |
CVE not available Reference: https://gist.github.com/jupenur/e5d0c6f9b58aa81860bf74e010cf1685 |
8.4 |
This vulnerability is mitigated in PI Vision by specifying paths allowed by jQuery Mobile |
|
AngularJS |
1.8.2 |
CVE-2022-25844 |
7.5 |
PI Vision does not use angular custom locale rules |
|
AngularJS |
1.8.2 |
CVE-2022-25869 |
6.1 |
This vulnerability only affects Internet Explorer, which is blocked by PI Vision |
|
AngularJS |
1.8.2 |
CVE-2023-26116 |
5.3 |
PI Vision does not use the angular.copy function to copy RegExp objects |
|
AngularJS |
1.8.2 |
CVE-2023-26117 |
5.3 |
PI Vision does not use the $resource component |
|
AngularJS |
1.8.2 |
CVE-2023-26118 |
5.3 |
PI Vision does not use the <input type="url"> element. PI Vision link validation does not use the vulnerable component. |
|
AngularJS |
1.8.2 |
CVE-2024-21490 |
7.5 |
PI Vision does not use the vulnerable ng-srcset directive |
|
AngularJS |
1.8.2 |
CVE-2024-8372 |
6.2 |
Vulnerable code is not in execution path |
|
AngularJS |
1.8.2 |
CVE-2024-8373 |
4.6 |
Vulnerable code is not in execution path |
|
AngularJS |
1.8.2 |
CVE-2025-0716 |
4.4 |
Inline mitigations already exist |
|
AngularJS |
1.8.2 |
CVE-2025-2336 |
6.2 |
Inline mitigations already exist |
|
AngularJS |
1.8.2 |
CVE-2025-4690 |
3.8 |
Vulnerable code is not in execution path |
Distribution kit files
The distribution kit file for this AVEVA PI Vision release is AVEVA PI Vision_2023 SP1 Patch2_.exe.
Note: The MUI Language Pack is included in the distribution kit.