First published: Fri Sep 13 2019(Updated: )
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V2.0 SP1). An attacker with administrative privileges can obtain the hash of a connected device's password. The security vulnerability could be exploited by an attacker with network access to the SINEMA Remote Connect Server and administrative privileges. At the time of advisory publication no public exploitation of this security vulnerability was known.
Credit: productcert@siemens.com
Affected Software | Affected Version | How to fix |
---|---|---|
Siemens SINEMA Remote Connect Server | <=2.0 | |
Siemens SINEMA Remote Connect Server | =2.0-hf1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this issue is CVE-2019-13922.
The severity of CVE-2019-13922 is medium.
All versions of Siemens SINEMA Remote Connect Server before V2.0 SP1, including version 2.0-hf1, are affected.
An attacker with administrative privileges can obtain the hash of a connected device's password.
The security vulnerability in CVE-2019-13922 can be exploited by an attacker with network access to the SINEMA Remote Connect Server.