2 matches found
CVE-2017-9940
Siemens SiPass integrated (all versions prior to 2.70) contains CVE-2017-9940, an improper privilege management flaw that could allow an attacker with a low-privileged network user account to read or write files on the SiPass server over the network. Root cause: improper privilege handling enabli...
Siemens Patches Authentication Bypass Flaw in SiPass Server
A handful of vulnerabilities in Siemens’ SiPass integrated server have been patched, including one that allows an attacker to bypass authentication on the box. SiPass is the company’s integrated access control server managing physical access in a number of industries and use cases. The product...