Panorama Web HMI Unauthorized File Access Vulnerability

A vulnerability in Panorama Web HMI allows an attacker to read certain server files if they know the file paths and the files are accessible to the Servin process execution account. This issue affects multiple versions of the Panorama Suite, including 2022-SP1, 2023, 2025, and the December 2025 update.

Impact

Exploitation of this vulnerability could lead to unauthorized access to sensitive files on the Web HMI server.

Remediation

Users should update to the following versions: - Panorama Suite 2022-SP1: PS-2210-04-4079 (or higher) - Panorama Suite 2023: PS-2300-03-3078 (or higher), PS-2300-04-3078 (or higher), and PS-2300-82-3078 (or higher) - Panorama Suite 2025: PS-2500-02-1078 (or higher) and PS-2500-04-1078 (or higher) - Panorama Suite 2025 (updated Dec 2025): PS-2510-02-1077 (or higher) and PS-2510-04-1077 (or higher)