CVE-2021-45460 — Vulnetix

Try Vulnetix Request Demo

CVE-2021-45460 PUBLISHED CVSS 8.100000381469727 HIGH

A vulnerability has been identified in SICAM PQ Analyzer (All versions < V3.18). A service is started by an unquoted registry entry. As there are spaces in this path, attackers with write privilege to those directories might be able to plant executables that will run in place of the legitimate process. Attackers might achieve persistence on the system ("backdoors") or cause a denial of service.

EPSS 0.44% · 62.9th percentile

Risk Scores

CVSS v3.1

8.100000381469727

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

EPSS Score

0.44%

62.9th percentile

Affected Products

Vendor	Product	Versions
siemens	sicam_pq_analyzer_firmware	0
Siemens	SICAM PQ Analyzer	*

Timeline

Jan 11, 2022 CVE Published
Jan 12, 2022 EPSS Score
Mar 6, 2022 EPSS Score
Apr 28, 2022 EPSS Score
Jun 19, 2022 EPSS Score
Aug 12, 2022 EPSS Score
Oct 4, 2022 EPSS Score
Nov 26, 2022 EPSS Score
Jan 18, 2023 EPSS Score
Mar 7, 2023 EPSS Score
Mar 11, 2023 EPSS Score
May 3, 2023 EPSS Score

References

Open in Interactive Console →