Lenze: PLC Designer V4 with insecure storage of sensitive information

A security vulnerability was discovered in the PLC Designer V4 in the version 4.0.0 where the programmer of a Controller can set a password for the connected device. Here it is possible in an interface of the PLC Designer V4 for the programmer to enter a password for the Device. There is a special constellation where the password entered appears in plain text. Only the display in the tool is affected and not the management of the password on the device. This vulnerability of PLC Designer V4 only occurs in combination with the devices c430 controller, c520 controller and c550 controller and not in combination with other devices, as this functionality is only used here. It is generally recommended that all users update to 4.0.1, but especially all users who operate PLC Designer V4 in combination with the controllers mentioned.

This vulnerability may lead to unintended exposure of passwords in plain text within the PLC Designer V4 interface, potentially allowing unauthorized individuals with access to the engineering workstation to view sensitive credentials. The issue is limited to versions 4.0.0 used with c430, c520, and c550 controllers, and does not affect password handling on the device itself.

The PLC Designer V4 tool is designed and developed for use in closed and protected security zones. Lenze therefore strongly recommends that this tool is only used in familiar areas. As this security vulnerability relates to a plain text display of an entered password and not to the password method saved afterwards, it is recommended as mitigation to protect the viewing area of the tool from strangers when entering it in order to prevent the shoulder surfing attack method.

This vulnerability has been fixed in the new version. All users are strongly recommended to use the new version 4.0.1.