groot Inserito: 1 ora fa Segnala Inserito: 1 ora fa In TIA Portal with an S7‑1500 safety project, I observed that the Safety Administration password on offline project data blocks could be cleared without knowing the original password, and without losing existing project data. For context: the Safety Administration password is normally required during compilation and download of safety‑protected blocks (F‑blocks). This mechanism is intended to ensure that only authorized users can modify or activate safety‑relevant logic in compliance with standards. This raises some open questions: - Is this an intended feature of TIA Portal when handling project files? - Or does it represent a potential gap in the protection of offline project data? - Has anyone in the community observed similar results? Of particular concern is that the `.plf` file, which stores critical safety configuration data, should ideally be strongly protected against unauthorized access. Note: This post shares an observation from a security research/VAPT perspective, intended for technical clarification and discussion.
Messaggi consigliati
Crea un account o accedi per commentare
Devi essere un utente per poter lasciare un commento
Crea un account
Registrati per un nuovo account nella nostra comunità. è facile!
Registra un nuovo accountAccedi
Hai già un account? Accedi qui.
Accedi ora