Vulnerabilities > Pilz > PMC
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-12-26 | CVE-2019-9011 | Exposure of Resource to Wrong Sphere vulnerability in Pilz PMC 3.0.0 In Pilz PMC programming tool 3.x before 3.5.17 (based on CODESYS Development System), an attacker can identify valid usernames. | 5.3 |
| 2022-12-26 | CVE-2020-12067 | Weak Password Recovery Mechanism for Forgotten Password vulnerability in Pilz PMC 3.0.0 In Pilz PMC programming tool 3.x before 3.5.17 (based on CODESYS Development System), a user's password may be changed by an attacker without knowledge of the current password. | 7.5 |
| 2022-12-26 | CVE-2020-12069 | Use of Password Hash With Insufficient Computational Effort vulnerability in multiple products In CODESYS V3 products in all versions prior V3.5.16.0 containing the CmpUserMgr, the CODESYS Control runtime system stores the online communication passwords using a weak hashing algorithm. | 7.8 |