VDB
CISA-2024-39871
CISA-2024-39871
PUBLISHED
CVSS 6.3 MEDIUM
Reported by siemens · Published July 9, 2024
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1). Affected applications do not properly separate the rights to edit device settings and to edit settings for communication relations. This could allow an authenticated attacker with the permission to manage devices to gain access to participant groups that the attacked does not belong to.
Risk Scores
CVSS 3.1
6.3
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Siemens | SINEMA Remote Connect Server | 0 |
| Siemens | SINEMA Remote Connect Server | 0, 0 |
Timeline
- Jul 9, 2024 CVE Published
- Aug 27, 2025 CVE Updated