VDB
CVE-2021-45460
CVE-2021-45460
PUBLISHED
CVSS 8.100000381469727 HIGH
A vulnerability has been identified in SICAM PQ Analyzer (All versions < V3.18). A service is started by an unquoted registry entry. As there are spaces in this path, attackers with write privilege to those directories might be able to plant executables that will run in place of the legitimate process. Attackers might achieve persistence on the system ("backdoors") or cause a denial of service.
EPSS 0.44% · 63.4th percentile
Risk Scores
CVSS 3.1
8.100000381469727
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
EPSS Score
0.44%
63.4th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| siemens | sicam_pq_analyzer_firmware | 0 |
| Siemens | SICAM PQ Analyzer | * |
Timeline
- Jan 11, 2022 CVE Published
- Jan 12, 2022 EPSS Score
- Jan 19, 2022 CVE Updated
- Mar 6, 2022 EPSS Score
- Apr 29, 2022 EPSS Score
- Jun 21, 2022 EPSS Score
- Aug 15, 2022 EPSS Score
- Oct 7, 2022 EPSS Score
- Nov 29, 2022 EPSS Score
- Jan 22, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Mar 16, 2023 EPSS Score
References
- https://cert-portal.siemens.com/productcert/pdf/ssa-324998.pdf advisory
- https://cert-portal.siemens.com/productcert/pdf/ssa-845392.pdf advisory
- https://cert-portal.siemens.com/productcert/pdf/ssa-439673.pdf advisory
- https://cert-portal.siemens.com/productcert/pdf/ssa-995338.pdf advisory
- https://cert-portal.siemens.com/productcert/pdf/ssa-173318.pdf advisory
- https://nvd.nist.gov/vuln/detail/CVE-2021-45460 advisory