| |
Podatność CVE-2024-47553
Publikacja: 2024-10-08
| Opis: |
A vulnerability has been identified in Siemens SINEC Security Monitor (All versions < V4.9.0). The affected application does not properly validate user input to the ```ssmctl-client``` command.
This could allow an authenticated, lowly privileged remote attacker to execute arbitrary code with root privileges on the underlying OS. |
Typ:
CWE-88 (Argument Injection or Modification)
Referencje: |
https://cert-portal.siemens.com/productcert/html/ssa-430425.html
|
|
|
Copyright 2024, cxsecurity.com
|
|
|
Polish
English