2024-10-08 08:40:43
siemens
PUBLISHED
The web server of affected devices do not properly authenticate user request to the /ClientArea/RuntimeInfoData.mwsl endpoint. This could allow an unauthenticated remote attacker to gain knowledge about current actual and configured maximum cycle times as well as about configured maximum communication load.