This page lists publicly disclosed CVE vulnerabilities affecting pilz pmc (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2019-9011 | In Pilz PMC programming tool 3.x before 3.5.17 (based on CODESYS Development System), an attacker can identify valid usernames. | [email protected] | 5.3 | 0.22% | 2022-12-26 | 2025-04-14 |
| CVE-2020-12069 | In CODESYS V3 products in all versions prior V3.5.16.0 containing the CmpUserMgr, the CODESYS Control runtime system stores the online communication passwords using a weak hashing algorithm. This can be used by a local attacker with low privileges to gain full control of the device. | [email protected] | 7.8 | 0.08% | 2022-12-26 | 2025-05-05 |
| CVE-2020-12067 | In Pilz PMC programming tool 3.x before 3.5.17 (based on CODESYS Development System), a user's password may be changed by an attacker without knowledge of the current password. | [email protected] | 7.5 | 0.14% | 2022-12-26 | 2025-04-14 |