4 matches found
CVE-2022-24043
A vulnerability has been identified in Desigo DXR2 All versions V01.21.142.5-22, Desigo PXC3 All versions V01.21.142.4-18, Desigo PXC4 All versions V02.20.142.10-10884, Desigo PXC5 All versions V02.20.142.10-10884. The login functionality of the application fails to normalize the response times o...
Siemens Desigo PXC and DXR Devices Observable Discrepancy (CVE-2022-24043)
A vulnerability has been identified in Desigo DXR2 All versions V01.21.142.5-22, Desigo PXC3 All versions V01.21.142.4-18, Desigo PXC4 All versions V02.20.142.10-10884, Desigo PXC5 All versions V02.20.142.10-10884. The login functionality of the application fails to normalize the response times o...
CVE-2022-24043
A vulnerability has been identified in Desigo DXR2 All versions V01.21.142.5-22, Desigo PXC3 All versions V01.21.142.4-18, Desigo PXC4 All versions V02.20.142.10-10884, Desigo PXC5 All versions V02.20.142.10-10884. The login functionality of the application fails to normalize the response times o...
CVE-2022-24043
Siemens Desigo DXR2, PXC3, PXC4 and PXC5 are affected by CVE-2022-24043 due to a login-side-channel: the system does not normalize response times between failed logins with wrong usernames and correct usernames, enabling username enumeration. Affected versions are: Desigo DXR2 < v01.21.142.5-2...