2 matches found
Siemens Desigo PXC and DXR Devices Improper Restriction of Excessive Authentication Attempts (CVE-2022-24044)
A vulnerability has been identified in Desigo DXR2 All versions V01.21.142.5-22, Desigo PXC3 All versions V01.21.142.4-18, Desigo PXC4 All versions V02.20.142.10-10884, Desigo PXC5 All versions V02.20.142.10-10884. The login functionality of the application does not employ any countermeasures...
CVE-2022-24044
The CVE-2022-24044 entry affects Siemens Desigo DXR2, PXC3, PXC4 and PXC5 controllers. Root cause: the login functionality lacks protection against Password Spraying/Credential Stuffing, enabling an attacker to enumerate valid usernames and then perform targeted login attempts to gain access to a...