HIGH🇵🇱 Wersja polska

CVE-2023-40728

CVSS 7.3v3.1pub. 2023-09-12upd. 2024-11-21

A vulnerability has been identified in QMS Automotive (All versions < V12.39). The QMS.Mobile module of the affected application stores sensitive application data in an external insecure storage. This could allow an attacker to alter content, leading to arbitrary code execution or denial-of-service condition.

CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:L
  • Siemens Qms Automotive

    APP
    Siemens
    < 12.39
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
RCE
CWE
References

Related vulnerabilities

CVE-2021-27389CRITICAL9.8ten sam produkt

A vulnerability has been identified in Opcenter Quality (All versions < V12.2), QMS Automotive (All versions <...

CVE-2023-40724HIGH7.3ten sam produkt

A vulnerability has been identified in QMS Automotive (All versions < V12.39). User credentials are found in m...

CVE-2023-40727HIGH7.8ten sam produkt

A vulnerability has been identified in QMS Automotive (All versions < V12.39). The QMS.Mobile module of the af...

CVE-2023-40726HIGH8.8ten sam produkt

A vulnerability has been identified in QMS Automotive (All versions < V12.39). The affected application server...

CVE-2023-40729HIGH7.3ten sam produkt

A vulnerability has been identified in QMS Automotive (All versions < V12.39). The affected application lacks ...