26 matches found
Vulnerabilities fixed in Siemens products
Siemens has fixed vulnerabilities in various products such as Desigo, NX, Polarion, SENTRON, Simcenter, SINEC, SIPORT, Siveillance, Solid Edge, The vulnerabilities potentially enable a malicious person to carry out attacks that can lead to the following categories of damage: - Denial-of-Service D...
CVE-2020-7591
A vulnerability has been identified in SIPORT MP All versions 3.2.1. Vulnerable versions of the device could allow an authenticated attacker to impersonate other users of the system and perform potentially administrative actions on behalf of those users if the single sign-on feature "Allow logon...
EUVD-2020-28716
Malware in sbrugna...
EUVD-2019-8901
Malware in sbrugna...
EUVD-2024-42687
Malicious code in bioql PyPI...
CVE-2019-19277
A vulnerability has been identified in SIPORT MP All versions 3.1.4. Vulnerable versions of the device allow the creation of special accounts "service users" with administrative privileges that could enable a remote authenticated attacker to perform actions that are not visible to other users of...
CVE-2024-47783
A vulnerability has been identified in SIPORT All versions V3.4.0. The affected application improperly assigns file permissions to installation folders. This could allow a local attacker with an unprivileged account to override or modify the service executables and subsequently gain elevated...
Siemens SIPORT Elevation of Privilege Vulnerability
SIPORT is a comprehensive, modular and reliable system for access control and time management in the Monitoring Access Suite. An elevation of privilege vulnerability exists in Siemens SIPORT, which can be exploited by a local attacker with an unprivileged account to overwrite or modify the servic...
CVE-2024-47783
A vulnerability has been identified in SIPORT All versions V3.4.0. The affected application improperly assigns file permissions to installation folders. This could allow a local attacker with an unprivileged account to override or modify the service executables and subsequently gain elevated...
CVE-2024-47783
A vulnerability has been identified in SIPORT All versions V3.4.0. The affected application improperly assigns file permissions to installation folders. This could allow a local attacker with an unprivileged account to override or modify the service executables and subsequently gain elevated...
CVE-2024-47783
The CVE-2024-47783 issue affects SIPORT (Siemens) versions prior to V3.4.0. The vulnerability arises from improper file permissions on installation folders, enabling a local unprivileged attacker to override or modify service executables and achieve elevated privileges. Public disclosures and adv...
CVE-2024-47783
A vulnerability has been identified in SIPORT All versions V3.4.0. The affected application improperly assigns file permissions to installation folders. This could allow a local attacker with an unprivileged account to override or modify the service executables and subsequently gain elevated...
CVE-2024-47783
A vulnerability has been identified in SIPORT All versions V3.4.0. The affected application improperly assigns file permissions to installation folders. This could allow a local attacker with an unprivileged account to override or modify the service executables and subsequently gain elevated...
Siemens SIPORT MP 安全漏洞
SIPORT is a comprehensive, modular and reliable system for access control and time management in the Monitoring Access Suite. An elevation of privilege vulnerability exists in Siemens SIPORT, which can be exploited by a local attacker with an unprivileged account to overwrite or modify the servic...
CVE-2020-7591
A vulnerability has been identified in SIPORT MP All versions 3.2.1. Vulnerable versions of the device could allow an authenticated attacker to impersonate other users of the system and perform potentially administrative actions on behalf of those users if the single sign-on feature "Allow logon...
CVE-2020-7591
A vulnerability has been identified in SIPORT MP All versions 3.2.1. Vulnerable versions of the device could allow an authenticated attacker to impersonate other users of the system and perform potentially administrative actions on behalf of those users if the single sign-on feature "Allow logon...
Design/Logic Flaw
A vulnerability has been identified in SIPORT MP All versions 3.2.1. Vulnerable versions of the device could allow an authenticated attacker to impersonate other users of the system and perform potentially administrative actions on behalf of those users if the single sign-on feature "Allow logon...
CVE-2020-7591
CVE-2020-7591 affects SIPORT MP (all versions prior to 3.2.1). The flaw is described as Use of client-side authentication (CWE-603), enabling an authenticated attacker to impersonate other users and perform (potentially administrative) actions on behalf of those users if the single sign-on featur...
CVE-2020-7591
A vulnerability has been identified in SIPORT MP All versions 3.2.1. Vulnerable versions of the device could allow an authenticated attacker to impersonate other users of the system and perform potentially administrative actions on behalf of those users if the single sign-on feature "Allow logon...
Siemens SIPORT MP
1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SIPORT MP Vulnerability : Use of client-side authentication 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an authenticated attacker to impersonate...