ActiveX Control Vulnerability in Siemens Tecnomatix FactoryLink Products
CVE-2011-4056

Currently unrated

Key Information:

Vendor: Siemens
Status: Tecnomatix Factorylink
Vendor: CVE Published:; 8 January 2012

Summary

An unspecified vulnerability in the ActiveX control provided by ActBar.ocx in Siemens Tecnomatix FactoryLink versions 6.6.1, 7.5.217, and 8.0.2.54 permits remote attackers to manipulate critical files. By exploiting this flaw, attackers can leverage the 'save' method to create or overwrite files on the system, which poses a significant risk to the integrity of the affected environments and highlights the importance of maintaining secure configurations and timely updates in software systems.

References

http://www.us-cert.gov/control_systems/pdf/ICSA-11-343-01...

x_refsource_MISC

http://www.usdata.com/sea/factorylink/en/p_nav5.asp

x_refsource_CONFIRM

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Jan 8, 2012