110 matches found
CVE-2019-9011
In Pilz PMC programming tool 3.x before 3.5.17 based on CODESYS Development System, an attacker can identify valid usernames...
Code injection
In Pilz PMC programming tool 3.x before 3.5.17 based on CODESYS Development System, an attacker can identify valid usernames...
CVE-2020-12067
In Pilz PMC programming tool 3.x before 3.5.17 based on CODESYS Development System, a user's password may be changed by an attacker without knowledge of the current password...
Default credentials
In Pilz PMC programming tool 3.x before 3.5.17 based on CODESYS Development System, a user's password may be changed by an attacker without knowledge of the current password...
CVE-2019-9011
In Pilz PMC programming tool 3.x before 3.5.17 based on CODESYS Development System, an attacker can identify valid usernames...
PT-2022-8323 · 3S Smart Software Solutions +1 · Codesys Development System +1
Name of the Vulnerable Software and Affected Versions: Pilz PMC programming tool versions 3.x through 3.5.16 Description: A security issue allows an attacker to change a user's password without knowing the current password. This is possible in the Pilz PMC programming tool, which is based on the...
PT-2022-8324 · 3S Smart Software Solutions +1 · Codesys V3 +1
Name of the Vulnerable Software and Affected Versions: CODESYS V3 products versions prior to 3.5.16.0 Pilz PMC programming tool versions 3.x prior to 3.5.17 Description: The issue is related to a weak hashing algorithm used for storing online communication passwords in the CODESYS Control runtime...
CVE-2019-9011
In Pilz PMC programming tool 3.x before 3.5.17 based on CODESYS Development System, an attacker can identify valid usernames...
Pilz PMC programming tool 安全漏洞
The Pilz PMC programming tool is a PMC programming tool from Pilz, Germany. A security vulnerability exists in Pilz PMC programming tool versions 3.x through 3.5.17 and earlier, which originates from an attacker being able to recognize a valid user name...
CVE-2020-12067
In Pilz PMC programming tool 3.x before 3.5.17 based on CODESYS Development System, a user's password may be changed by an attacker without knowledge of the current password...
CVE-2020-12067
In Pilz PMC programming tool 3.x before 3.5.17 based on CODESYS Development System, a user's password may be changed by an attacker without knowledge of the current password...
CVE-2020-12067
Pilz PMC programming tool up to v3.5.16 is affected (based on CODESYS Development System). The issue allows a password change by an attacker without knowing the current password. Remediation: upgrade to version 3.5.17 or later. Public exploitation status is not detailed in the provided sources; o...
CVE-2019-9011
CVE-2019-9011 affects Pilz PMC programming tool 3.x (based on CODESYS Development System). A remote attacker can enumerate valid usernames via the vulnerable flow, exposing an information-disclosure condition with network attack vector and no required privileges. The vulnerability is documented t...
Command injection
Dell Edge Gateway 5200 EGW versions before 1.03.10 contain an operating system command injection vulnerability. A local malicious user may potentially exploit this vulnerability by using an SMI to bypass PMC mitigation and gain arbitrary code execution during SMM...
CVE-2022-34383
Dell Edge Gateway 5200 EGW versions before 1.03.10 contain an operating system command injection vulnerability. A local malicious user may potentially exploit this vulnerability by using an SMI to bypass PMC mitigation and gain arbitrary code execution during SMM...
Input validation
Improper locking in the Power Management Controller PMC for some Intel Chipset firmware before versions pmcfwlbgc1-21ww02a and pmcfwlbgb0-21ww02a may allow a privileged user to potentially enable denial of service via local access...
CVE-2021-0147
Impact summary (CVE-2021-0147) : The issue is an improper locking fault in the Power Management Controller (PMC) within certain Intel Chipset firmware. This vulnerability could allow a local, authenticated attacker to cause a denial of service, as described in multiple sources. The affected PMC v...
2021.2 IPU – Intel® Chipset Firmware Advisory
Summary: Potential security vulnerabilities in some Intel® Chipset Firmware in Intel® Server Platform Services SPS, Intel® Active Management Technology AMT and the Intel Power Management Controller PMC may allow escalation of privilege or denial of service. Intel is releasing firmware updates to...
GSD-2021-1002834 platform/x86: intel_pmc_core: fix memleak on registration failure
platform/x86: intelpmccore: fix memleak on registration failure This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.12 by commit...
GSD-2021-1002808 platform/x86: intel_pmc_core: fix memleak on registration failure
platform/x86: intelpmccore: fix memleak on registration failure This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.89 by commit...