Pilz: Electron Vulnerabilities in PASvisu and PMI v8xx
Act Now · CVSS 8.8 · VDE-2023-059 · Dec 5, 2023
Attack Vector: Network
Auth Required: None
Complexity: Low
User Interaction: Required
Summary
PASvisu and PMI v8xx contain multiple vulnerabilities in the embedded Electron framework (a third-party open-source component). These vulnerabilities (buffer overflow and use-after-free flaws, CWE-787 and CWE-416) allow an attacker to achieve remote code execution with full system privileges. The vulnerabilities can be exploited locally through malicious project files or remotely over the network if the systems are accessible. An attacker gaining code execution could modify safety configurations, alter process setpoints, disable operations, or steal engineering data.
What this means
What could happen
An attacker could gain complete control over systems running PASvisu or PMI v8xx through vulnerabilities in the embedded Electron framework, potentially allowing them to alter safety configurations, stop process operations, or exfiltrate engineering data from your automation network.
Who's at risk
This impacts water and electric utilities using Pilz safety control systems. Specifically, organizations running PASvisu (the visualization and engineering tool) or PMI v8xx (process monitoring interface) for configuration of PLCs and safety logic are at risk. Any facility where these products are used for critical process control or safety monitoring should prioritize mitigation.
How it could be exploited
An attacker could exploit buffer overflow or use-after-free flaws in Electron to execute arbitrary code locally or remotely. If a user opens a malicious project file or the system is accessed over the network without proper controls, the attacker gains full system privileges and can modify PLC configurations, safety logic, or operational parameters.
Prerequisites
- Network access to the PASvisu or PMI v8xx system (if exploiting remotely)
- User interaction required: target user must open a malicious project file
- No authentication required
- Affected product versions must be in use (PASvisu <1.14.1, PMI v8xx ≤2.0.33992)

- actively exploited (KEV)
- remotely exploitable
- no authentication required
- low complexity exploitation
- no patch available (end-of-life for affected versions)
- affects safety systems
- high CVSS score (8.8)
Exploitability
Actively exploited — confirmed by CISA KEV
Affected products (2, both EOL)
Product | Affected Versions | Fix Status
PASvisu | <1.14.1 | No fix (EOL)
PMI v8xx | ≤ 2.0.33992 | No fix (EOL)
Remediation & Mitigation
Do now
PASvisu
WORKAROUND: Restrict network access to PASvisu and PMI v8xx systems using firewall rules. Allow only traffic from authorized engineering workstations on your engineering VLAN.
HARDENING: Enable password protection on all online projects stored in PASvisu and PMI v8xx systems.
All products
HOTFIX: Contact Pilz support to determine availability of updated firmware versions and deploy immediately upon release.
WORKAROUND: Do not open project files from untrusted sources (internet downloads, email attachments, external USB drives). Only use project files that originate from your engineering team or verified Pilz repositories.
Schedule — requires maintenance window
Patching may require device reboot — plan for process interruption
HARDENING: Implement file access controls on project file directories to prevent unauthorized modification. Restrict write access to authorized engineering staff only.
Mitigations - no patch available
The following products have reached End of Life with no planned fix: PASvisu, PMI v8xx. Apply the following compensating controls:
HARDENING: Implement network segmentation to isolate PASvisu and PMI v8xx systems from general IT networks and untrusted sources.
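The two host-level controls above (firewall restriction to the engineering VLAN, and write access on the project directory limited to engineering staff) can be applied on a Windows engineering workstation as follows. This is an added example, not code from Pilz or from the VDE advisory; the subnet, directory path and group name are placeholders you must replace with your own values, and it assumes the Windows Firewall and NTFS are in use on the host.

```powershell
# Added example (not from the Pilz/VDE advisory). All three values below are
# assumptions for illustration; replace them with your site's own values.
# Run from an elevated PowerShell session on the workstation being hardened.
$EngineeringSubnet = '10.10.50.0/24'           # assumption: engineering VLAN
$ProjectDir        = 'D:\PASvisu\Projects'     # assumption: project file store
$EngineersGroup    = 'CORP\PASvisu-Engineers'  # assumption: authorized staff group

# 1. Network restriction (WORKAROUND above): default-deny inbound on every
#    profile, then a single allow rule scoped to the engineering subnet.
Set-NetFirewallProfile -Profile Domain,Private,Public -DefaultInboundAction Block

New-NetFirewallRule -DisplayName 'PASvisu - allow engineering VLAN' `
    -Direction Inbound -Action Allow -RemoteAddress $EngineeringSubnet `
    -Profile Any -Enabled True

# 2. Project directory ACL (HARDENING above): stop inheriting the parent's
#    ACEs, then grant modify only to engineers; everyone else is read-only.
$acl = Get-Acl -Path $ProjectDir
$acl.SetAccessRuleProtection($true, $false)    # protect ACL, discard inherited ACEs
$inherit = 'ContainerInherit,ObjectInherit'    # apply to subfolders and files
$rules = @(
    New-Object System.Security.AccessControl.FileSystemAccessRule(
        $EngineersGroup, 'Modify', $inherit, 'None', 'Allow'),
    New-Object System.Security.AccessControl.FileSystemAccessRule(
        'BUILTIN\Administrators', 'FullControl', $inherit, 'None', 'Allow'),
    New-Object System.Security.AccessControl.FileSystemAccessRule(
        'NT AUTHORITY\SYSTEM', 'FullControl', $inherit, 'None', 'Allow'),
    New-Object System.Security.AccessControl.FileSystemAccessRule(
        'BUILTIN\Users', 'ReadAndExecute', $inherit, 'None', 'Allow')
)
foreach ($r in $rules) { $acl.AddAccessRule($r) }
Set-Acl -Path $ProjectDir -AclObject $acl

# 3. Verification: print the effective settings so the change can be audited
#    and recorded with the maintenance-window ticket.
Get-NetFirewallRule -DisplayName 'PASvisu - allow engineering VLAN' |
    Get-NetFirewallAddressFilter
(Get-Acl -Path $ProjectDir).Access |
    Format-Table IdentityReference, FileSystemRights, IsInherited, AccessControlType
```

Two caveats when applying this: Windows Firewall evaluates block rules before allow rules, so the new allow rule cannot be undone by a catch-all block, but any pre-existing inbound allow rules (remote desktop, file and printer sharing) still admit traffic from every source and must be reviewed separately; and dropping inherited ACEs on the project directory will lock out any service account that relied on them, so test on a non-production workstation first.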
CVEs (2)