Podatność CVE-2024-47553


Publikacja: 2024-10-08

Opis:
A vulnerability has been identified in Siemens SINEC Security Monitor (All versions < V4.9.0). The affected application does not properly validate user input to the ```ssmctl-client``` command.
This could allow an authenticated, lowly privileged remote attacker to execute arbitrary code with root privileges on the underlying OS.

Typ:

CWE-88

(Argument Injection or Modification)

 Referencje:
https://cert-portal.siemens.com/productcert/html/ssa-430425.html

Copyright 2024, cxsecurity.com

 

Back to Top