Siemens Desigo CC Product Family and SENTRON Powermanager

SUMMARY Versions V6.0 through V8 QU1 of the Desigo CC product family Desigo CC, Desigo CC Compact, Desigo CC Connect, Cerberus DMS, as well as the Desigo CC-based SENTRON Powermanager, are affected by a vulnerability in the underlying third-party component WIBU Systems CodeMeter Runtime...

EUVD-2021-23781

Malware in sbrugna...

SIEMENS Desigo CC family and SENTRON Powermanager elevation of privilege vulnerability

The Desigo CC product range includes Desigo CC, an integrated building management platform for managing high-performance buildings, Desigo CC Compact, a tailored solution for small and medium-sized buildings, Desigo CC Connect, a software gateway based on the Desigo CC platform, and Cerberus DMS ...

CISA Releases Four Industrial Control Systems Advisories

CISA released four Industrial Control Systems ICS advisories on August 19, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-231-01 Siemens Desigo CC Product Family and SENTRON Powermanager ICSA-25-231-02 Siemen...

Siemens Desigo CC Product Family and SENTRON Powermanager

SUMMARY Versions V5.0 through V8 of the Desigo CC product family Desigo CC, Desigo CC Compact, Desigo CC Connect, Cerberus DMS, as well as the Desigo CC-based SENTRON Powermanager, are affected by a vulnerability in the underlying third-party component WIBU Systems CodeMeter Runtime. Successful...

CVE-2021-37207

A vulnerability has been identified in SENTRON powermanager V3 All versions. The affected application assigns improper access rights to a specific folder containing configuration files. This could allow an authenticated local attacker to inject arbitrary code and escalate privileges...

Siemens Sentron Powermanager Local Code Execution Vulnerability

Siemens Sentron Powermanager is a power management software from Siemens, a German company. A local code execution vulnerability exists in Siemens Sentron Powermanager, which stems from an affected application assigning incorrect access rights to a specific folder containing configuration files. ...

CVE-2021-37207

A vulnerability has been identified in SENTRON powermanager V3 All versions. The affected application assigns improper access rights to a specific folder containing configuration files. This could allow an authenticated local attacker to inject arbitrary code and escalate privileges...

CVE-2021-37207

A vulnerability has been identified in SENTRON powermanager V3 All versions. The affected application assigns improper access rights to a specific folder containing configuration files. This could allow an authenticated local attacker to inject arbitrary code and escalate privileges...

Improper access control

A vulnerability has been identified in SENTRON powermanager V3 All versions. The affected application assigns improper access rights to a specific folder containing configuration files. This could allow an authenticated local attacker to inject arbitrary code and escalate privileges...

CVE-2021-37207

A vulnerability has been identified in SENTRON powermanager V3 All versions. The affected application assigns improper access rights to a specific folder containing configuration files. This could allow an authenticated local attacker to inject arbitrary code and escalate privileges...

CVE-2021-37207

CVE-2021-37207 affects Siemens SENTRON powermanager V3 (All versions). The vulnerability arises from improper access rights on a folder containing configuration files, enabling an authenticated local attacker to inject arbitrary code and escalate privileges. Siemens released a patch for powermana...

Siemens Sentron Powermanager 安全漏洞

Siemens Sentron Powermanager is a power management software from Siemens, a German company. A local code execution vulnerability exists in Siemens Sentron Powermanager, which stems from an affected application assigning incorrect access rights to a specific folder containing configuration files. ...

Siemens SENTRON powermanager

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Siemens Equipment: SENTRON powermanager Vulnerability: Incorrect Permission Assignment for Critical Resource 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an authenticated local attacker to...