CVE-2020-10055

2020-08-14T16:15:00
ID CVE-2020-10055
Type cve
Reporter productcert@siemens.com
Modified 2020-08-21T14:41:00

Description

A vulnerability has been identified in Desigo CC (V4.x), Desigo CC (V3.x), Desigo CC Compact (V4.x), Desigo CC Compact (V3.x). Affected applications are delivered with a 3rd party component (BIRT) that contains a remote code execution vulnerability if the Advanced Reporting Engine is enabled. The vulnerability could allow a remote unauthenticated attacker to execute arbitrary commands on the server with SYSTEM privileges.