Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Spcanywhere Security Vulnerabilities

cve
cve

CVE-2015-1595

The Siemens SPCanywhere application for Android and iOS does not use encryption during lookups of system ID to IP address mappings, which allows man-in-the-middle attackers to discover alarm IP addresses and spoof servers by intercepting the client-server data stream.

6.3AI Score

0.001EPSS

2015-03-07 02:59 AM
35
cve
cve

CVE-2015-1596

The Siemens SPCanywhere application for Android and iOS does not properly verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

5.7AI Score

0.001EPSS

2015-03-07 02:59 AM
26
cve
cve

CVE-2015-1597

The Siemens SPCanywhere application for Android does not use encryption during the loading of code, which allows man-in-the-middle attackers to execute arbitrary code by modifying the client-server data stream.

7.7AI Score

0.001EPSS

2015-03-07 02:59 AM
29
cve
cve

CVE-2015-1598

The Siemens SPCanywhere application for Android does not properly store application passwords, which allows physically proximate attackers to obtain sensitive information by examining the device filesystem.

6.1AI Score

0.0004EPSS

2015-03-07 02:59 AM
24
cve
cve

CVE-2015-1599

The Siemens SPCanywhere application for iOS allows physically proximate attackers to bypass intended access restrictions by leveraging a filesystem architectural error.

6.4AI Score

0.0004EPSS

2015-03-07 02:59 AM
28