Pilz: Multiple products affected by ZipSlip

Several Pilz software products do not properly check pathnames contained in archives. An attacker can utilise this vulnerability to write arbitrary files, potentially leading to code execution.

PASvisu is an HMI solution for Machine Visualization. It is available as a standalone software product, but it is also included in various models of the PMI product family. The PASvisu Server component contains multiple vulnerabilities which can be utilised to write arbitrary files, potentially leading to code execution.

Up until October 5th, 2022 the ease2pay API used by Miele's "AppWash" MobileApp was vulnerable to an authorization bypass. A low privileged, remote attacker would have been able to gain read and partial write access to other users data by modifying a small part of a HTTP request sent to the API. Reading or changing the password of another user was not possible, thus no impact to Availability.

A denial of service of the HTTPS management interface of PHOENIX CONTACT FL MGUARD and TC MGUARD devices can be triggered by a larger number of unauthenticated HTTPS connections originating from different source IP’s. Configuring firewall limits for incoming connections cannot prevent the issue.

Manipulated PC Worx or Config+ files could lead to a heap buffer overflow, release of unallocated memory or a read access violation due to insufficient validation of input data.
The attacker needs to get access to an original bus configuration file (*.bcp) to be able to manipulate data inside. After manipulation the attacker needs to exchange the original file by the manipulated one on the application programming workstation.

Update A, 2022-11-14

  • removed the sentence "Automated systems in operation which were programmed with one of the above-mentioned products are not affected." from Impact.

TruControl laser control software from versions 1.60.0 to 3.40.0 use a vulnerable  X.Org server versions. The affected X.Org vulnerability is not validating the request length properly for the handler “ProcXkbSetGeometry”. An authenticated Attacker could craft a request which could lead to memory out-of bounds write.

Multiple Wiesemann & Theis product families are affected by multiple vulnerabilities in the web interface.

The MAC address filter as part of the firewall has a flaw, which prevents the MAC address filter to be active after restart. In this way a remote attacker is able to circumvent the MAC address filtering after a reboot of a device.


Nach Hersteller




(Scoring für CVSS 2.0,3.0+3.1)
Kein CVE verfügbar
0.1 <= 3.9
4.0 <= 6.9
7.0 <= 8.9
9.0 <= 10.0