← Back to home
ICSA-19-010-03  ·  Published 2019-01-10  ·  View on CISA ICS-CERT ↗

Pilz PNOZmulti Configurator

CVSS 3.3 LOW

Risk Summary

Successful exploitation of this vulnerability could allow sensitive data to be read from the system.

CVEs (1)

Remediations

  • Pilz has discontinued the PMI m107 diag HMI device and the function concerned was removed in PNOZmulti Configurator Version 10.9.
  • Install Version 10.9 of the PNOZmulti Configurator software and delete the content of the directory C:\Program-Data\Pilz\PNOZmulti Configurator v<version>\AppData\pmimicroconfig. (Replace <version> with the used version.)
  • Continue to use the old PNOZmulti Configurator software version and secure the PC and the file system against unauthorized access.
  • For more information, the Pilz security advisory can be viewed

Affected Vendors

Pilz GmbH & Co. KG (Pilz)

Affected Products (1)

Pilz GmbH & Co. KG (Pilz) · PNOZmulti Configurator < 10.9

Affected Sectors

Multiple

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more