CVE-2020-25237: Siemens SINEC NMS FirmwareFileUtils extractToFolder Directory Traversal Remote Code Execution Vulnerability
First published: Tue Feb 09 2021(Updated: )
A vulnerability has been identified in SINEC NMS (All versions < V1.0 SP1 Update 1), SINEMA Server (All versions < V14.0 SP2 Update 2). When uploading files to an affected system using a zip container, the system does not correctly check if the relative file path of the extracted files is still within the intended target directory. With this an attacker could create or overwrite arbitrary files on an affected system. This type of vulnerability is also known as 'Zip-Slip'. (ZDI-CAN-12054)
Credit: productcert@siemens.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Siemens Sinec Network Management System | <1.0 | |
| Siemens Sinec Network Management System | =1.0 | |
| Siemens Sinec Network Management System | =1.0-sp1 | |
| Siemens SINEMA Server | <14.0 | |
| Siemens SINEMA Server | =14.0 | |
| Siemens SINEMA Server | =14.0-sp1 | |
| Siemens SINEMA Server | =14.0-sp2 | |
| Siemens SINEMA Server | =14.0-sp2_update1 | |
| Siemens SINEC NMS | ||
| Siemens SINEC NMS SP1 Update 1 | <1.0 | 1.0 |
| Siemens SINEMA Server SP2 Update 2 | <14.0 | 14.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2020-25237?
CVE-2020-25237 is a vulnerability in Siemens SINEC NMS and SINEMA Server that allows remote code execution through a directory traversal vulnerability when uploading files using a zip container.
Which software versions are affected by CVE-2020-25237?
The affected software versions are SINEC NMS < V1.0 SP1 Update 1 and SINEMA Server < V14.0 SP2 Update 2.
What is the severity of CVE-2020-25237?
The severity of CVE-2020-25237 is rated as high with a CVSS score of 8.8.
How does CVE-2020-25237 work?
CVE-2020-25237 works by exploiting a directory traversal vulnerability in the file extraction process when uploading files using a zip container. This allows an attacker to execute arbitrary code remotely.
How can I mitigate the CVE-2020-25237 vulnerability?
To mitigate the CVE-2020-25237 vulnerability, it is recommended to update Siemens SINEC NMS to version 1.0 SP1 Update 1 or later, and SINEMA Server to version 14.0 SP2 Update 2 or later. Additionally, users should follow best security practices such as restricting access to the affected systems and monitoring for any suspicious activity.
- collector/nvd-index
- agent/type
- collector/mitre-cve
- source/MITRE
- collector/zdi-advisory
- source/ZDI
- alias/ZDI-21-253
- alias/ZDI-CAN-12054
- alias/CVE-2020-25237
- agent/software-canonical-lookup
- agent/author
- agent/severity
- agent/last-modified-date
- agent/title
- agent/weakness
- agent/description
- agent/first-publish-date
- agent/references
- agent/softwarecombine
- agent/event
- agent/tags
- collector/ics-cert-advisory
- source/ICS
- agent/software-canonical-lookup-request
- vendor/siemens
- canonical/siemens sinec network management system
- version/siemens sinec network management system/1.0
- version/siemens sinec network management system/1.0-sp1
- canonical/siemens sinema server
- version/siemens sinema server/14.0
- version/siemens sinema server/14.0-sp1
- version/siemens sinema server/14.0-sp2
- version/siemens sinema server/14.0-sp2_update1
- canonical/siemens sinec nms
- canonical/siemens sinec nms sp1 update 1
- canonical/siemens sinema server sp2 update 2