| |
Vulnerability CVE-2024-47553
Published: 2024-10-08
| Description: |
A vulnerability has been identified in Siemens SINEC Security Monitor (All versions < V4.9.0). The affected application does not properly validate user input to the ```ssmctl-client``` command.
This could allow an authenticated, lowly privileged remote attacker to execute arbitrary code with root privileges on the underlying OS. |
Type:
CWE-88 (Argument Injection or Modification)
References: |
https://cert-portal.siemens.com/productcert/html/ssa-430425.html
|
|
|
Copyright 2024, cxsecurity.com
|
|
|
