Main Vulnerability Database Vulnerabilities #VU48892

#VU48892 Protection Mechanism Failure in Siemens products - CVE-2020-28396

Published: December 9, 2020

Vulnerability identifier: #VU48892

Vulnerability risk: High

CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Amber

CVE-ID: CVE-2020-28396

CWE-ID: CWE-693

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vulnerable software:
SICAM A8000 CP-8000
SICAM A8000 CP-8021
SICAM A8000 CP-8022

Software vendor:
Siemens

Description

The vulnerability allows a remote attacker to bypass implemented security restrictions.

The vulnerability exists due to insufficient implementation of security measures. An attacker can bypass implemented security restrictions and elevate privileges on the system.

Remediation

Install updates from vendor's website.

External links

https://ics-cert.us-cert.gov/advisories/icsa-20-343-07

#VU48892 Protection Mechanism Failure in Siemens products - CVE-2020-28396

Description

Remediation

External links

Please verify you're human