2 matches found
CVE-2020-28392
Siemens SIMARIS configuration is affected by CVE-2020-28392: all versions prior to 4.0.1 install with incorrect default permissions on the application folder and subfolders, enabling persistence or privilege escalation for users with elevated credentials. The ICS advisory confirms the vulnerabili...
Siemens SIMARIS Configuration (Update A)
1. EXECUTIVE SUMMARY CVSS v3 4.4 ATTENTION: Low skill level to exploit Vendor: Siemens Equipment: SIMARIS configuration Vulnerability: Incorrect Default Permissions 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-21-040-08 Siemens SIMARIS...