Local Privilege Escalation Vulnerability in Medicalis Workflow Orchestrator
CVE-2024-37999
7.8HIGH
What is CVE-2024-37999?
A privilege escalation vulnerability exists in the Medicalis Workflow Orchestrator, which operates under a trusted account with elevated privileges and broad network access. This vulnerability allows authenticated local attackers to potentially escalate their privileges within the system, posing significant security risks. It is crucial for users of the Medicalis Workflow Orchestrator to review the implications of this vulnerability and implement mitigations as recommended by the vendor.
Affected Version(s)
Medicalis Workflow Orchestrator 0
News Articles

CVE-2024-37999 : SIEMENS MEDICALIS WORKFLOW ORCHESTRATOR IMPROPER OWNERSHIP MANAGEMENT - Cloud WAF
CVE-2024-37999 : A vulnerability has been identified in Medicalis Workflow Orchestrator (All versions). The affected application executes as a trusted account with high privileges and network access.