Lucene search
K

142 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 10:19 a.m.10 views

CVE-2019-6579

A vulnerability has been identified in Spectrum Power 4 with Web Office Portal. An attacker with network access to the web server on port 80/TCP or 443/TCP could execute system commands with administrative privileges. The security vulnerability could be exploited by an unauthenticated attacker wi...

9.8CVSS7.4AI score0.02285EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 8:2 a.m.6 views

CVE-2024-29119

A vulnerability has been identified in Spectrum Power 7 All versions V24Q3. The affected product contains several root-owned SUID binaries that could allow an authenticated local attacker to escalate privileges...

8.5CVSS6.6AI score0.00141EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2024/11/26 12:0 a.m.8 views

The vulnerability of the Spectrum Power 7 software, related to incorrect privilege assignment, allows a perpetrator to elevate their privileges.

The vulnerability of the Spectrum Power 7 software is related to the improper assignment of privileges by running binary files with the SUID privilege. Exploiting this vulnerability can allow an attacker to increase their privileges...

7.8CVSS7.4AI score0.00141EPSS
Exploits0References3Affected Software1
CNVD
CNVD
added 2024/11/13 12:0 a.m.6 views

Siemens Spectrum Power Elevation of Privilege Vulnerability

Spectrum Power provides the essential components of SCADA, communications and data modeling for control and monitoring systems. An elevation of privilege vulnerability exists in Siemens Spectrum Power, which can be exploited by an authenticated, local attacker to elevate privileges...

8.5CVSS6.7AI score0.00141EPSS
Exploits0References1
OSV
OSV
added 2024/11/12 1:15 p.m.5 views

CVE-2024-29119

A vulnerability has been identified in Spectrum Power 7 All versions V24Q3. The affected product contains several root-owned SUID binaries that could allow an authenticated local attacker to escalate privileges...

8.5CVSS5.7AI score0.00141EPSS
Exploits0References1
NVD
NVD
added 2024/11/12 1:15 p.m.12 views

CVE-2024-29119

A vulnerability has been identified in Spectrum Power 7 All versions V24Q3. The affected product contains several root-owned SUID binaries that could allow an authenticated local attacker to escalate privileges...

8.5CVSS0.00141EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/11/12 12:49 p.m.10 views

CVE-2024-29119

A vulnerability has been identified in Spectrum Power 7 All versions V24Q3. The affected product contains several root-owned SUID binaries that could allow an authenticated local attacker to escalate privileges...

8.5CVSS6.7AI score0.00141EPSS
Exploits0References1
CVE
CVE
added 2024/11/12 12:49 p.m.59 views

CVE-2024-29119

CVE-2024-29119 affects Siemens Spectrum Power 7 prior to V24Q3. The product contains root-owned SUID binaries that authenticated local attackers could leverage to escalate privileges (local, low complexity). CVSS vectors in the initial record indicate High impact to confidentiality, integrity, an...

8.5CVSS6.7AI score0.00141EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/11/12 12:49 p.m.15 views

CVE-2024-29119

A vulnerability has been identified in Spectrum Power 7 All versions V24Q3. The affected product contains several root-owned SUID binaries that could allow an authenticated local attacker to escalate privileges...

8.5CVSS0.00141EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/11/12 12:0 a.m.4 views

Siemens Spectrum Power 安全漏洞

Spectrum Power provides the essential components of SCADA, communications and data modeling for control and monitoring systems. An elevation of privilege vulnerability exists in Siemens Spectrum Power, which can be exploited by an authenticated, local attacker to elevate privileges...

8.5CVSS6.9AI score0.00141EPSS
Exploits0References1
ICS
ICS
added 2024/11/12 12:0 a.m.12 views

Siemens Spectrum Power 7

SUMMARY Spectrum Power 7 before V24Q3 contains several root-owned SUID binaries that could allow an authenticated local attacker to escalate privileges. Siemens has released a new version for Spectrum Power 7 and recommends to update to the latest version. 2. GENERAL RECOMMENDATIONS Operators of...

8.5CVSS7AI score0.00141EPSS
Exploits0References10
OSV
OSV
added 2024/01/09 10:15 a.m.5 views

CVE-2023-44120

A vulnerability has been identified in Spectrum Power 7 All versions V23Q4. The affected product's sudo configuration permits the local administrative account to execute several entries as root user. This could allow an authenticated local attacker to inject arbitrary code and gain root access...

7.8CVSS6AI score0.00148EPSS
Exploits0References1
NVD
NVD
added 2024/01/09 10:15 a.m.45 views

CVE-2023-44120

A vulnerability has been identified in Spectrum Power 7 All versions V23Q4. The affected product's sudo configuration permits the local administrative account to execute several entries as root user. This could allow an authenticated local attacker to inject arbitrary code and gain root access...

7.8CVSS7.7AI score0.00148EPSS
Exploits0References1
Prion
Prion
added 2024/01/09 10:15 a.m.18 views

Code injection

A vulnerability has been identified in Spectrum Power 7 All versions V23Q4. The affected product's sudo configuration permits the local administrative account to execute several entries as root user. This could allow an authenticated local attacker to inject arbitrary code and gain root access...

4.3CVSS7.5AI score0.00148EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/01/09 9:59 a.m.37 views

CVE-2023-44120

A vulnerability has been identified in Spectrum Power 7 All versions V23Q4. The affected product's sudo configuration permits the local administrative account to execute several entries as root user. This could allow an authenticated local attacker to inject arbitrary code and gain root access...

7.8CVSS7.8AI score0.00148EPSS
Exploits0References1
CVE
CVE
added 2024/01/09 9:59 a.m.51 views

CVE-2023-44120

SIEMENS Spectrum Power 7 (all versions before V23Q4) has CVE-2023-44120: an incorrect permission assignment in the sudo configuration allows an authenticated local attacker to run entries as root, potentially injecting arbitrary code and gaining root access. Affected product: Spectrum Power 7 (SC...

7.8CVSS7.6AI score0.00148EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/01/09 9:59 a.m.14 views

CVE-2023-44120

A vulnerability has been identified in Spectrum Power 7 All versions V23Q4. The affected product's sudo configuration permits the local administrative account to execute several entries as root user. This could allow an authenticated local attacker to inject arbitrary code and gain root access...

7.8CVSS7.2AI score0.00148EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/01/09 12:0 a.m.5 views

Siemens Spectrum Power 安全漏洞

Spectrum Power 7 provides the essential components of SCADA, communications and data modeling for control and monitoring systems. Application suites can be added to optimize network and generation management in all areas of energy management. Siemens Spectrum Power 7 suffers from a misassigned...

7.8CVSS7.3AI score0.00148EPSS
Exploits0References3
NCSC
NCSC
added 2024/01/09 12:0 a.m.95 views

Vulnerabilities fixed in Siemens products

Siemens has fixed vulnerabilities in several products including. SIMATIC, SICAM, Solid Edge, Spectrum Power and Teamcenter. The vulnerabilities potentially enable a malicious party to launch attacks execute attacks that could result in the following categories of damage: Denial-of-Service DoS...

10CVSS7.6AI score0.00646EPSS
Exploits0
ICS
ICS
added 2024/01/09 12:0 a.m.52 views

Siemens Spectrum Power 7

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

7.8CVSS7.9AI score0.00148EPSS
Exploits0References12
Rows per page
Query Builder