PT-2022-8323 · 3S Smart Software Solutions+1 · Codesys Development System+1
Published
2022-12-26
·
Updated
2023-01-05
·
CVE-2020-12067
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N |
Name of the Vulnerable Software and Affected Versions
Pilz PMC programming tool versions 3.x through 3.5.16
Description
A security issue allows an attacker to change a user's password without knowing the current password. This is possible in the Pilz PMC programming tool, which is based on the CODESYS Development System.
Recommendations
For Pilz PMC programming tool versions 3.x through 3.5.16, update to version 3.5.17 or later to resolve the issue.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Codesys Development System
Pilz Pmc Programming Tool