A vulnerability has been disclosed in PLC ifm AC4xxS that allows an attacker to trigger the safety state with the help of a specially crafted html request. This leads to a loss of availability.
PiCtory, a web application to configure the Pilz industrial PC IndustrialPI, has three vulnerabilities with varying degrees of severity. The first two are of critical severity and can lead to a bypass of authentication and a cross-site-scripting attack. The third vulnerability with medium severity puts PiCtory at a risk of a reflected cross-site-scripting attack.
A security vulnerability was discovered in the PLC Designer V4 in the version 4.0.0 where the programmer of a Controller can set a password for the connected device. Here it is possible in an interface of the PLC Designer V4 for the programmer to enter a password for the Device. There is a special constellation where the password entered appears in plain text. Only the display in the tool is affected and not the management of the password on the device. This vulnerability of PLC Designer V4 only occurs in combination with the devices c430 controller, c520 controller and c550 controller and not in combination with other devices, as this functionality is only used here. It is generally recommended that all users update to 4.0.1, but especially all users who operate PLC Designer V4 in combination with the controllers mentioned.
The mb24api endpoint reachable when connected via VPN is missing authentication for sensitive functions. This can lead to information disclosure of user- and device names and to DoS.
The mb24api endpoint reachable when connected via VPN is missing authentication for sensitive functions. This can lead to information disclosure of user- and device names and to DoS.
Two vulnerabilities in myREX24/myREX24.virtual can lead to user enumeration an password bypass.
Two vulnerabilities in mbCONNECT24/mymbCONNECT24 can lead to user enumeration an password bypass.
The base ctrlX OS apps Device Admin and Solutions contain multiple vulnerabilities. In a worst case scenario, a remote authenticated (low-privileged) attacker might be able to execute arbitrary OS commands running with higher privileges.