CVE-2022-24040
CVE-2022-24040 affects Siemens Desigo DXR2, PXC3, PXC4 and PXC5: the web app does not enforce an upper bound on PBKDF2 cost factor during account creation/update. An attacker with user-profile access can trigger a DoS by setting an excessively high PBKDF2 cost and attempting login, causing high C...