First published: Tue Oct 08 2024(Updated: )
A vulnerability has been identified in Siemens SINEC Security Monitor (All versions < V4.9.0). The affected application does not properly neutralize special elements in user input to the ```ssmctl-client``` command. This could allow an authenticated, lowly privileged local attacker to execute privileged commands in the underlying OS.
Credit: productcert@siemens.com
Affected Software | Affected Version | How to fix |
---|---|---|
Siemens SINEC Security Monitor | <4.9.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.