Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cnvdChina National Vulnerability DatabaseCNVD-2024-01394
HistoryJan 10, 2024 - 12:00 a.m.

Siemens Spectrum Power 7 Critical Resource Privilege Assignment Error Vulnerability

2024-01-1000:00:00
China National Vulnerability Database
www.cnvd.org.cn
6
siemens
scada
communications
data modeling
vulnerability
misassigned privilege
authenticated attacker
local attacker
arbitrary code
root access

7.3 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

Spectrum Power 7 provides the essential components of SCADA, communications and data modeling for control and monitoring systems. Application suites can be added to optimize network and generation management in all areas of energy management. Siemens Spectrum Power 7 suffers from a misassigned privilege vulnerability in critical resources, which can be exploited by an authenticated, local attacker to inject arbitrary code and gain root access.

Related

ics 1
cve 1
prion 1
cvelist 1
nvd 1
ics
ics
Siemens Spectrum Power 7
2024-01-11 12:00:00
cve
cve
CVE-2023-44120
2024-01-09 10:15:15
prion
prion
Code injection
2024-01-09 10:15:00
cvelist
cvelist
CVE-2023-44120
2024-01-09 09:59:44
nvd
nvd
CVE-2023-44120
2024-01-09 10:15:15

7.3 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON
Related for CNVD-2024-01394
ics1cve1prion1cvelist1nvd1