PT-2025-49839

A vulnerability has been identified in SINEC Security Monitor All versions V4.10.0. The affected application does not have proper authorization checks for the file transfer feature in ssmctl-client command. This could allow an authenticated, lowly privileged local attacker to read or write to any...

The vulnerability of SINEC Security Monitor’s security software lies in the fact that it allows for the execution of arbitrary code with root privileges, as long as these arguments are implemented or modified.

The vulnerability of SINEC Security Monitor’s security software lies in its incorrect processing of data entered by users via the ssmctl-client command. Exploiting this vulnerability allows a malicious actor to execute arbitrary code with root privileges remotely...

CVE-2024-47553

A vulnerability has been identified in SINEC Security Monitor All versions V4.9.0. The affected application does not properly validate user input to the ssmctl-client command. This could allow an authenticated, lowly privileged remote attacker to execute arbitrary code with root privileges on the...

CVE-2024-47562

CVE-2024-47562 affects Siemens SINEC Security Monitor (all versions

Siemens SINEC Security Monitor 参数注入漏洞

SINEC Security Monitor is a modular network security software for passive, non-intrusive, continuous network security monitoring during production processes at customer sites. Siemens SINEC Security Monitor suffers from a parameter injection vulnerability that stems from a failure to properly...

PT-2024-7415 · Siemens · Siemens Sinec Security Monitor

Name of the Vulnerable Software and Affected Versions: Siemens SINEC Security Monitor versions prior to V4.9.0 Description: The issue is related to the incorrect processing of user input data in the ssmctl-client command, which could allow a remote attacker to execute arbitrary code with root...