142 matches found
CVE-2019-6579
A vulnerability has been identified in Spectrum Power 4 with Web Office Portal. An attacker with network access to the web server on port 80/TCP or 443/TCP could execute system commands with administrative privileges. The security vulnerability could be exploited by an unauthenticated attacker wi...
CVE-2024-29119
A vulnerability has been identified in Spectrum Power 7 All versions V24Q3. The affected product contains several root-owned SUID binaries that could allow an authenticated local attacker to escalate privileges...
The vulnerability of the Spectrum Power 7 software, related to incorrect privilege assignment, allows a perpetrator to elevate their privileges.
The vulnerability of the Spectrum Power 7 software is related to the improper assignment of privileges by running binary files with the SUID privilege. Exploiting this vulnerability can allow an attacker to increase their privileges...
Siemens Spectrum Power Elevation of Privilege Vulnerability
Spectrum Power provides the essential components of SCADA, communications and data modeling for control and monitoring systems. An elevation of privilege vulnerability exists in Siemens Spectrum Power, which can be exploited by an authenticated, local attacker to elevate privileges...
CVE-2024-29119
A vulnerability has been identified in Spectrum Power 7 All versions V24Q3. The affected product contains several root-owned SUID binaries that could allow an authenticated local attacker to escalate privileges...
CVE-2024-29119
A vulnerability has been identified in Spectrum Power 7 All versions V24Q3. The affected product contains several root-owned SUID binaries that could allow an authenticated local attacker to escalate privileges...
CVE-2024-29119
A vulnerability has been identified in Spectrum Power 7 All versions V24Q3. The affected product contains several root-owned SUID binaries that could allow an authenticated local attacker to escalate privileges...
CVE-2024-29119
CVE-2024-29119 affects Siemens Spectrum Power 7 prior to V24Q3. The product contains root-owned SUID binaries that authenticated local attackers could leverage to escalate privileges (local, low complexity). CVSS vectors in the initial record indicate High impact to confidentiality, integrity, an...
CVE-2024-29119
A vulnerability has been identified in Spectrum Power 7 All versions V24Q3. The affected product contains several root-owned SUID binaries that could allow an authenticated local attacker to escalate privileges...
Siemens Spectrum Power 安全漏洞
Spectrum Power provides the essential components of SCADA, communications and data modeling for control and monitoring systems. An elevation of privilege vulnerability exists in Siemens Spectrum Power, which can be exploited by an authenticated, local attacker to elevate privileges...
Siemens Spectrum Power 7
SUMMARY Spectrum Power 7 before V24Q3 contains several root-owned SUID binaries that could allow an authenticated local attacker to escalate privileges. Siemens has released a new version for Spectrum Power 7 and recommends to update to the latest version. 2. GENERAL RECOMMENDATIONS Operators of...
CVE-2023-44120
A vulnerability has been identified in Spectrum Power 7 All versions V23Q4. The affected product's sudo configuration permits the local administrative account to execute several entries as root user. This could allow an authenticated local attacker to inject arbitrary code and gain root access...
CVE-2023-44120
A vulnerability has been identified in Spectrum Power 7 All versions V23Q4. The affected product's sudo configuration permits the local administrative account to execute several entries as root user. This could allow an authenticated local attacker to inject arbitrary code and gain root access...
Code injection
A vulnerability has been identified in Spectrum Power 7 All versions V23Q4. The affected product's sudo configuration permits the local administrative account to execute several entries as root user. This could allow an authenticated local attacker to inject arbitrary code and gain root access...
CVE-2023-44120
A vulnerability has been identified in Spectrum Power 7 All versions V23Q4. The affected product's sudo configuration permits the local administrative account to execute several entries as root user. This could allow an authenticated local attacker to inject arbitrary code and gain root access...
CVE-2023-44120
SIEMENS Spectrum Power 7 (all versions before V23Q4) has CVE-2023-44120: an incorrect permission assignment in the sudo configuration allows an authenticated local attacker to run entries as root, potentially injecting arbitrary code and gaining root access. Affected product: Spectrum Power 7 (SC...
CVE-2023-44120
A vulnerability has been identified in Spectrum Power 7 All versions V23Q4. The affected product's sudo configuration permits the local administrative account to execute several entries as root user. This could allow an authenticated local attacker to inject arbitrary code and gain root access...
Siemens Spectrum Power 安全漏洞
Spectrum Power 7 provides the essential components of SCADA, communications and data modeling for control and monitoring systems. Application suites can be added to optimize network and generation management in all areas of energy management. Siemens Spectrum Power 7 suffers from a misassigned...
Vulnerabilities fixed in Siemens products
Siemens has fixed vulnerabilities in several products including. SIMATIC, SICAM, Solid Edge, Spectrum Power and Teamcenter. The vulnerabilities potentially enable a malicious party to launch attacks execute attacks that could result in the following categories of damage: Denial-of-Service DoS...
Siemens Spectrum Power 7
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...