VDB

CISA-2024-32006

CISA-2024-32006 PUBLISHED CVSS 4.3 MEDIUM

Reported by siemens · Published September 10, 2024

A vulnerability has been identified in SINEMA Remote Connect Client (All versions < V3.2 SP2). The affected application does not expire the user session on reboot without logout. This could allow an attacker to bypass Multi-Factor Authentication.

Risk Scores

CVSS 3.1
4.3
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C

Affected Products

VendorProductVersions
SiemensSINEMA Remote Connect Client0
SiemensSINEMA Remote Connect Client0, 0

Timeline

  • Sep 10, 2024 CVE Published
  • Sep 10, 2024 CVE Updated

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›