CVE-2022-46141

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions SIMATIC STEP 7 (TIA Portal) versions prior to V19

Description An information disclosure issue could allow a local attacker to gain access to the access level password of the SIMATIC S7-1200 and S7-1500 CPUs when entered by a legitimate user in the hardware configuration of the affected application.

Recommendations For versions prior to V19, update to version V19 or later to resolve the issue. As a temporary workaround, consider restricting access to the hardware configuration to minimize the risk of exploitation.

Fix

Cleartext Storage of Sensitive Information

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-312CWE-316

Related Identifiers

CVE-2022-46141

Affected Products

Simatic S7-1200

Simatic S7-1500

Simatic Step 7

CVE-2022-46141

Weakness Enumeration

Related Identifiers

Affected Products

References · 4