VDB
ICSA-20-224-07
ICSA-20-224-07
PUBLISHED
CVSS 7.300000190734863 HIGH
Successful exploitation of this vulnerability could allow an attacker to locally escalate privileges and modify files that should be protected against writing.
Risk Scores
CVSS v3.1
7.300000190734863
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H/E:P/RL:O/RC:C
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Automation License Manager 5: All versions | ||
| Automation License Manager 6: All versions < V6.0.8 |
Timeline
- Aug 11, 2020 CVE Published
References
- https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2020/icsa-20-224-07.json advisory
- https://www.cisa.gov/news-events/ics-advisories/icsa-20-224-07 advisory
- https://cert-portal.siemens.com/productcert/pdf/ssa-388646.pdf url
- https://www.us-cert.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf url
- https://www.us-cert.gov/ics/tips/ICS-TIP-12-146-01B url
- https://cert-portal.siemens.com/productcert/txt/SSA-388646.txt url
- https://support.industry.siemens.com/cs/ww/en/view/114358 fix