Local Privilege Escalation Vulnerability in Medicalis Workflow Orchestrator
CVE-2024-37999
Summary
A privilege escalation vulnerability exists in the Medicalis Workflow Orchestrator, which operates under a trusted account with elevated privileges and broad network access. This vulnerability allows authenticated local attackers to potentially escalate their privileges within the system, posing significant security risks. It is crucial for users of the Medicalis Workflow Orchestrator to review the implications of this vulnerability and implement mitigations as recommended by the vendor.
Affected Version(s)
Medicalis Workflow Orchestrator 0
Get notified when SecurityVulnerability.io launches alerting π
Well keep you posted π§
News Articles
prophaze.comCVE-2024-37999CVE-2024-37999 : SIEMENS MEDICALIS WORKFLOW ORCHESTRATOR IMPROPER OWNERSHIP MANAGEMENT - Cloud WAF
CVE-2024-37999 : A vulnerability has been identified in Medicalis Workflow Orchestrator (All versions). The affected application executes as a trusted account with high privileges and network access.
7 months ago
References
CVSS V3.1
Timeline
- π°
First article discovered by prophaze.com
Vulnerability published
Vulnerability Reserved