Pilz: PAS 4000 prone to ZipSlip

PAS4000 is the software platform for the Automation System PSS 4000. PAS 4000 does not properly check pathnames contained in archives. An attacker can utilise this vulnerability to write arbitrary files, potentially leading to code execution.


CVE-2018-1002202: 6.5
CVE-2022-40976: 5.5

Pilz: Multiple products affected by ZipSlip

Several Pilz software products do not properly check pathnames contained in archives. An attacker can utilise this vulnerability to write arbitrary files, potentially leading to code execution.


CVE-2022-40976: 5.5

Pilz: PASvisu and PMI affected by multiple vulnerabilities

PASvisu is an HMI solution for Machine Visualization. It is available as a standalone software product, but it is also included in various models of the PMI product family. The PASvisu Server component contains multiple vulnerabilities which can be utilised to write arbitrary files, potentially leading to code execution.


CVE-2022-25299: 7.5
CVE-2022-40977: 6.5

Miele: Vulnerability in ease2pay cloud service used by appWash

Up until October 5th, 2022 the ease2pay API used by Miele's "AppWash" MobileApp was vulnerable to an authorization bypass. A low privileged, remote attacker would have been able to gain read and partial write access to other users data by modifying a small part of a HTTP request sent to the API. Reading or changing the password of another user was not possible, thus no impact to Availability.


CVE-2022-3589: 8.1

PHOENIX CONTACT: Denial-of-Service vulnerability in mGuard product family

A denial of service of the HTTPS management interface of PHOENIX CONTACT FL MGUARD and TC MGUARD devices can be triggered by a larger number of unauthenticated HTTPS connections originating from different source IP’s. Configuring firewall limits for incoming connections cannot prevent the issue.


CVE-2022-3480: 7.5

PHOENIX CONTACT: Automationworx BCP File Parsing Vulnerabilities (Update A)

Manipulated PC Worx or Config+ files could lead to a heap buffer overflow, release of unallocated memory or a read access violation due to insufficient validation of input data.
The attacker needs to get access to an original bus configuration file (*.bcp) to be able to manipulate data inside. After manipulation the attacker needs to exchange the original file by the manipulated one on the application programming workstation.

Update A, 2022-11-14

  • removed the sentence "Automated systems in operation which were programmed with one of the above-mentioned products are not affected." from Impact.


CVE-2022-3461: 7.8
CVE-2022-3737: 7.8

TRUMPF: Multiple products prone to X.Org server vulnerabilities

TruControl laser control software from versions 1.60.0 to 3.40.0 use a vulnerable  X.Org server versions. The affected X.Org vulnerability is not validating the request length properly for the handler “ProcXkbSetGeometry”. An authenticated Attacker could craft a request which could lead to memory out-of bounds write.


CVE-2022-2319: 7.8
CVE-2022-2320: 7.8

Wiesemann &Theis: Multiple Vulnerabilities in the Com-Server Family

Multiple Wiesemann & Theis product families are affected by multiple vulnerabilities in the web interface.


CVE-2022-42785: 9.8
CVE-2022-42787: 9.8
CVE-2022-42786: 5.4

Feeds

By Vendor

Archive

2024
2023
2022
2021
2020
2019
2018
2017
2014

Legend

(Scoring for CVSS 2.0,3.0+3.1)
None
No CVE available
Low
0.1 <= 3.9
Medium
4.0 <= 6.9
High
7.0 <= 8.9
Critical
9.0 <= 10.0