3 matches found
PT-2021-09: Possibility of authorization in Remote Password mechanism using password hash
The vulnerability of the FX5UC CPU and FX5UJ CPU modules of Mitsubishi Electric FA products is associated with the possibility of using a weak password hash. Exploiting the vulnerability may allow an attacker to use the resulting hash value to recover the password value. Advisory status 15.12.202...
Siemens SIMATIC STEP 7 (TIA Portal) Information Disclosure Vulnerabilities
OVERVIEW Siemens has released a new version of SIMATIC STEP 7 TIA Portal to mitigate information disclosure vulnerabilities. These vulnerabilities were reported directly to Siemens by Dmitry Sklyarov and Gleb Gritsai from Positive Technologies. Siemens has produced a new version to mitigate these...
Siemens SICAM PAS Information Disclosure Vulnerabilities (Update B)
OVERVIEW This updated advisory is a follow-up to the original advisory titled ICSA-16-182-02A Siemens SICAM PAS Vulnerabilities that was published November 29, 2016, on the NCCIC/ICS-CERT web site. Positive Technologies’ Ilya Karpov and Dmitry Sklyarov have identified two vulnerabilities in the...