CVE-2015-1596

Currently unrated

Key Information:

Vendor: Siemens
Status: Spcanywhere
Vendor: CVE Published:; 7 March 2015

Summary

The Siemens SPCanywhere application for Android and iOS does not properly verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

References

http://www.siemens.com/innovation/pool/de/forschungsfelde...

x_refsource_CONFIRM

Timeline

Vulnerability published
Mar 7, 2015
Vulnerability Reserved
Feb 13, 2015