Proficy Machine Edition Version 9.00 and prior stores project data in a directory with improper access control lists.ĬVE-2022-2792 has been assigned to this vulnerability. A CVSS v3 base score of 5.9 has been assigned the CVSS vector string is ( AV:P/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H). Proficy Machine Edition Version 9.00 and prior has no authentication or authorization of data packets after establishing a connection for the SRTP protocol.ĬVE-2022-2793 has been assigned to this vulnerability. Proficy Machine Edition Version 9.80 and priorģ.2 VULNERABILITY OVERVIEW 3.2.1 MISSING SUPPORT FOR INTEGRITY CHECK CWE-353.The following versions of Proficy Machine Edition, an engineering workstation that is part of the PACSystems control system software platform, are affected: Successful exploitation of these vulnerabilities could allow for remote hidden code execution on the connected programmable logic controller (PLC) and for malicious files to be uploaded from the PLC to connected workstations.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |