Vulnerability in Siemens Desigo Dxr2

CVE-2022-24041

A vulnerability has been identified in Desigo DXR2 (All versions < V01.21.142.5-22), Desigo PXC3 (All versions < V01.21.142.4-18), Desigo PXC4 (All versions < V02.20.142.10-10884), Desigo PXC5 (All versions < V02.20.142.10-10884). The web…

EPSS: 0.002 (35.8th percentile) — read the EPSS interpretation.

Affected products

Siemens Desigo Dxr2 — versions All versions < V01.21.142.5-22
Siemens Desigo Pxc3 — versions All versions < V01.21.142.4-18
Siemens Desigo Pxc4 — versions All versions < V02.20.142.10-10884
Siemens Desigo Pxc5 — versions All versions < V02.20.142.10-10884

Weakness classification (CWE)

CWE-916 — Use of Password Hash With Insufficient Computational Effort

References

cert-portal.siemens.com/productcert/pdf/ssa-626968.pdf (x_refsource_MISC)