File Manipulation Vulnerability in Siemens Automation License Manager
CVE-2016-8565
9.1CRITICAL
Summary
Siemens Automation License Manager (ALM) prior to version 5.3 SP3 is susceptible to a file manipulation vulnerability that enables remote attackers to craft specific packets. This allows unauthorized actions, such as writing to files, renaming files, creating new directories, or deleting existing directories, thereby compromising the integrity and availability of the system.
References
CVSS V3.1
Score:
9.1
Severity:
CRITICAL
Confidentiality:
None
Integrity:
High
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved