← volver
CVE-2025-41648

Pilz: Authentication Bypass in IndustrialPI Webstatus

CVSS 9.8 CRITICALEPSS 0.7%CWE-704
An unauthenticated remote attacker can bypass the login to the web application of the affected devices making it possible to access and change all available settings of the IndustrialPI.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Productos afectados
Pilz · IndustrialPI 4 with IndustrialPI webstatus

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://certvde.com/en/advisories/VDE-2025-039