HIGH🇵🇱 Wersja polska

CVE-2023-45205

CVSS 7.8v3.1pub. 2023-10-10upd. 2024-11-21

A vulnerability has been identified in SICAM PAS/PQS (All versions >= V8.00 < V8.20). The affected application is installed with specific files and folders with insecure permissions. This could allow an authenticated local attacker to inject arbitrary code and escalate privileges to `NT AUTHORITY/SYSTEM`.

CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • Siemens Sicam Pas\/pqs

    APP
    Siemens
    8.00 – 8.20 (bez)
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
LPE
CWE
References

Related vulnerabilities

CVE-2022-43724CRITICAL9.8ten sam produkt

A vulnerability has been identified in SICAM PAS/PQS (All versions < V7.0). Affected software transmits the da...

CVE-2016-8567CRITICAL9.8ten sam produkt

An issue was discovered in Siemens SICAM PAS before 8.00. A factory account with hard-coded passwords is prese...

CVE-2016-9157CRITICAL9.8ten sam produkt

A vulnerability in Siemens SICAM PAS (all versions before V8.09) could allow a remote attacker to cause a Deni...

CVE-2022-43722HIGH7.8ten sam produkt

A vulnerability has been identified in SICAM PAS/PQS (All versions < V7.0). Affected software does not properl...

CVE-2022-43723HIGH7.5ten sam produkt

A vulnerability has been identified in SICAM PAS/PQS (All versions < V7.0), SICAM PAS/PQS (All versions >= 7.0...