N/A

Pilz PNOZmulti Configurator prior to version 10.9 allows an authenticated attacker with local access to the system containing the PNOZmulti Configurator software to view sensitive credential data in clear-text. This sensitive data is applicable to only the PMI m107 diag HMI device. An attacker with access to this sensitive data and physical access to the PMI m107 diag can modify data on the HMI device.

N/A

敏感数据的明文存储

Pilz PNOZmulti Configurator 信任管理问题漏洞

Pilz PNOZmulti Configurator是德国Pilz公司的一款用于PNOZmulti控制器的配置程序。 Pilz PNOZmulti Configurator 10.9及之前版本中存在信任管理问题漏洞。该漏洞源于网络系统或产品中缺乏有效的信任管理机制。攻击者可利用默认密码或者硬编码密码、硬编码证书等攻击受影响组件。

N/A

N/A