Panasonic FPWIN Pro Vulnerabilities

CVSS 4.2 MEDIUM

CVEs (4)

CVE-2016-4499 CVE-2016-4498 CVE-2016-4496 CVE-2016-4497

Software releases 5.x have reached end-of-support, and users are advised to migrate to a supported release. Software releases 6.x are end-of-sales since April 2015 and will reach end-of-support in September 2016. Users using 6.x releases are advised to plan for an upgrade to the supported software release.
Panasonic has released FPWIN Pro 7.130 software that addresses the vulnerabilities described in this advisory. Fixed software can be downloaded from (https://www.panasonic-electric-works.com/eu/plc-software-control-fpwin-pro.htm)
Panasonic states that users may only install, use, and expect support for software versions and feature sets for which they have purchased a license.
For more information about these issues or other vulnerabilities in Panasonic products, please contact the Panasonic Product Security Incident Response Team: (https://www.panasonic.com/global/corporate/product-security/sec/psirt.html)

Panasonic

Panasonic · FPWIN Pro 5.x

Panasonic · FPWIN Pro 6.x

Panasonic · FPWIN Pro <=7.122

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.