Filtered by vendor Siemens
Subscriptions
Filtered by product Sinec Ins
Subscriptions
Total
42 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-46889 | 2 Seimens, Siemens | 2 Sinec Ins, Sinec Ins | 2024-11-13 | 5.3 Medium |
| A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3). The affected application uses hard-coded cryptographic key material to obfuscate configuration files. This could allow an attacker to learn that cryptographic key material through reverse engineering of the application binary and decrypt arbitrary backup files. | ||||
| CVE-2024-46888 | 2 Seimens, Siemens | 2 Sinec Ins, Sinec Ins | 2024-11-13 | 9.9 Critical |
| A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3). The affected application does not properly sanitize user provided paths for SFTP-based file up- and downloads. This could allow an authenticated remote attacker to manipulate arbitrary files on the filesystem and achieve arbitrary code execution on the device. | ||||