Vulnerability discovered in safety controller configuration software
Gjoko Krstic, an Applied Risk researcher, has discovered a vulnerability in Pilz PNOZmulti Configurator software that allows a local attacker to read sensitive data in clear-text.
The software is used to configure safety controllers, providing the user with the ability to modify elements such as IP addresses, download and upload project files and run other setup functions.
The tool can be found on engineering workstations which are used to configure safety controllers. The software is commonly used in a range of industries such as Oil & Gas, Manufacturing, Chemicals, Power and any more.
Upon exploitation of the software, adversaries will have the ability to access system passwords, which can be used to alter configuration files in the system.
The vulnerability has been discovered and validated on Pilz PNOZmulti Configurator 10.8. Older versions are affected too.
What can you do?
There are currently no known exploits for this vulnerability. Applied Risk has worked alongside the manufacturer in the responsible disclosure process and a fix has been issued by the vendor. The flaw has been given a CVSSv3 (Common Vulnerability Scoring System) of 4.4.