CVE-2022-29518 Information

Jun 07, 2022 cve

Description

Screen Creator Advance2 HMI GC-A2 series and Real time remote monitoring and control tool Screen Creator Advance2 versions prior to Ver.0.1.1.3 Build01 HMI GC-A2 series(GC-A22W-CW GC-A24W-C(W) GC-A26W-C(W) GC-A24 GC-A24-M GC-A25 GC-A26 and GC-A26-J2) and Real time remote monitoring and control tool(Remote GC) allows a local attacker to bypass authentication due to the improper check for the Remote control setting’s account names. This may allow attacker who can access the HMI from Real time remote monitoring and control tool may perform arbitrary operations on the HMI. As a result the information stored in the HMI may be disclosed deleted or altered and/or the equipment may be illegally operated via the HMI.

Reference

https://jvn.jp/en/jp/JVN50337155/index.html https://www.koyoele.co.jp/en/topics/202205095016/

Share on: