Buffer Overflow Vulnerability in Siemens Automation License Manager Affects Multiple Versions
CVE-2011-4529

Currently unrated

Key Information:

Vendor: Siemens
Status: Automation License Manager
Vendor: CVE Published:; 8 January 2012

Summary

Multiple buffer overflow vulnerabilities exist in the Siemens Automation License Manager (ALM) versions 4.0 through 5.1+SP1+Upd1. These vulnerabilities may be exploited by remote attackers sending specially crafted commands, specifically via the _licensekey command and associated fields, allowing them to execute arbitrary code. This issue underscores the need for proper validation and sanitization of input data to prevent potential exploitation.

References

http://support.automation.siemens.com/WW/view/en/114358

x_refsource_CONFIRM

http://aluigi.altervista.org/adv/almsrvx_1-adv.txt

x_refsource_MISC

http://support.automation.siemens.com/WW/llisapi.dll/5725...

x_refsource_CONFIRM

EPSS Score

22% chance of being exploited in the next 30 days.

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Jan 8, 2012