First published: Tue May 09 2023(Updated: )
A vulnerability has been identified in SIMATIC Cloud Connect 7 CC712 (All versions >= V2.0 < V2.1), SIMATIC Cloud Connect 7 CC716 (All versions >= V2.0 < V2.1). The filename in the upload feature of the web based management of the affected device is susceptible to a path traversal vulnerability. This could allow an authenticated privileged remote attacker to write any file with the extension `.db`.
Credit: productcert@siemens.com
Affected Software | Affected Version | How to fix |
---|---|---|
Siemens 6gk1411-1ac00 Firmware | =2.0 | |
Siemens 6gk1411-1ac00 | ||
Siemens 6gk1411-5ac00 Firmware | =2.0 | |
Siemens 6gk1411-5ac00 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.