Siemens SINEC Security Monitor Vulnerability: Authentication Bypass Risk
CVE-2024-47565

5.3MEDIUM

Key Information:

Vendor: Siemens
Status: Sinec Security Monitor
Vendor: CVE Published:; 8 October 2024

What is CVE-2024-47565?

A vulnerability has been identified in SINEC Security Monitor (All versions < V4.9.0). The affected application does not properly validate that user input complies with a list of allowed values. This could allow an authenticated remote attacker to compromise the integrity of the configuration of the affected application.

Affected Version(s)

SINEC Security Monitor 0

References

https://cert-portal.siemens.com/productcert/html/ssa-4304...

CVSS V4

Score:

5.3

Severity:

MEDIUM

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 8, 2024
Vulnerability Reserved
Sep 27, 2024

CVE-2024-47565 Data

JSON