Pilz CVE - CVE Search - CVE Details

Filtered by vendor Pilz Subscribe

Total 6 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2022-40976	2 Pilz, Pliz	6 Pas 4000, Pss 4000, Pascal and 3 more	2023-02-03	N/A	5.5 MEDIUM
A path traversal vulnerability was discovered in multiple Pilz products. An unauthenticated local attacker could use a zipped, malicious configuration file to trigger arbitrary file writes ('zip-slip'). File writes do not affect confidentiality or availability.
CVE-2022-40977	1 Pilz	15 Pasvisu, Pmi V507, Pmi V507 Firmware and 12 more	2023-02-01	N/A	7.5 HIGH
A path traversal vulnerability was discovered in Pilz PASvisu Server before 1.12.0. An unauthenticated remote attacker could use a zipped, malicious configuration file to trigger arbitrary file writes ('zip-slip'). File writes do not affect confidentiality or availability.
CVE-2020-12069	1 Pilz	1 Pmc	2023-01-05	N/A	9.8 CRITICAL
In Pilz PMC programming tool 3.x before 3.5.17 (based on CODESYS Development System), the password-hashing feature requires insufficient computational effort.
CVE-2020-12067	1 Pilz	1 Pmc	2023-01-05	N/A	7.5 HIGH
In Pilz PMC programming tool 3.x before 3.5.17 (based on CODESYS Development System), a user's password may be changed by an attacker without knowledge of the current password.
CVE-2019-9011	1 Pilz	1 Pmc	2023-01-05	N/A	5.3 MEDIUM
In Pilz PMC programming tool 3.x before 3.5.17 (based on CODESYS Development System), an attacker can identify valid usernames.
CVE-2018-19009	1 Pilz	1 Pnozmulti Configurator	2020-09-18	2.1 LOW	7.8 HIGH
Pilz PNOZmulti Configurator prior to version 10.9 allows an authenticated attacker with local access to the system containing the PNOZmulti Configurator software to view sensitive credential data in clear-text. This sensitive data is applicable to only the PMI m107 diag HMI device. An attacker with access to this sensitive data and physical access to the PMI m107 diag can modify data on the HMI device.

Vulnerabilities (CVE)