Access Bypass in Siemens SPCanywhere for iOS due to Filesystem Error
CVE-2015-1599

Currently unrated

Key Information:

Vendor: Siemens
Status: Spcanywhere
Vendor: CVE Published:; 7 March 2015

Summary

The SPCanywhere application for iOS by Siemens is susceptible to an access bypass vulnerability stemming from an error in its filesystem architecture. Attackers located physically near the device can exploit this flaw to circumvent implemented access restrictions, potentially leading to unauthorized access and manipulation of sensitive data. This vulnerability emphasizes the need for robust security measures to safeguard applications, especially those handling critical information.

References

http://www.siemens.com/innovation/pool/de/forschungsfelde...

x_refsource_CONFIRM

Timeline

Vulnerability published
Mar 7, 2015
Vulnerability Reserved
Feb 13, 2015