Security advisories
Managing and minimizing security risks to our and customers’ business
At Valmet, we consider the security of our products, systems and services a top priority. Vulnerability management is one essential part of managing and minimizing security risks to our and customers’ business.
Security advisories
Advisory |
Description |
|
Valmet DNA Remote Code Execution CVE-2021-26726 |
Remote code execution vulnerability in Valmet DNA. The vulnerability has been fixed and the fix is available from Valmet Automation Customer Service. |
|
Valmet DNA local privilege escalation through insecure DCOM configuration |
It is possible to gain SYSTEM privileges as any local user via a permission issue in the DCOM object. |
|
An arbitrary number of login attempts can be made via the Valmet DNA operator user interface without the user being blocked. |
|
|
Passwords of Valmet DNA users are stored in plain text within the Valmet DNA function blocks. |
For more information please contact your local Valmet Customer Service.