Spcanywhere@* Security Vulnerabilities and Issues — Spcanywhere@* CVE List

Lucene search

SiemensSpcanywhere*

5 matches found

cve•added 2015/03/07 2:59 a.m.•49 views

CVE-2015-1595

The Siemens SPCanywhere application for Android and iOS does not use encryption during lookups of system ID to IP address mappings, which allows man-in-the-middle attackers to discover alarm IP addresses and spoof servers by intercepting the client-server data stream.

4.3CVSS6.3AI score0.00141EPSS

cve•added 2015/03/07 2:59 a.m.•42 views

CVE-2015-1597

The Siemens SPCanywhere application for Android does not use encryption during the loading of code, which allows man-in-the-middle attackers to execute arbitrary code by modifying the client-server data stream.

6.8CVSS7.7AI score0.00403EPSS

cve•added 2015/03/07 2:59 a.m.•42 views

CVE-2015-1599

The Siemens SPCanywhere application for iOS allows physically proximate attackers to bypass intended access restrictions by leveraging a filesystem architectural error.

2.1CVSS6.4AI score0.00061EPSS

cve•added 2015/03/07 2:59 a.m.•39 views

CVE-2015-1596

The Siemens SPCanywhere application for Android and iOS does not properly verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

5.8CVSS5.7AI score0.00137EPSS

cve•added 2015/03/07 2:59 a.m.•37 views

CVE-2015-1598

The Siemens SPCanywhere application for Android does not properly store application passwords, which allows physically proximate attackers to obtain sensitive information by examining the device filesystem.

2.1CVSS6.1AI score0.00063EPSS