VDB
ICSA-21-315-13
ICSA-21-315-13
PUBLISHED
CVSS 8.600000381469727 HIGH
Siemens has released hotfixes for Siveillance Video DLNA Server, which fix a path traversal vulnerability that could allow an authenticated remote attacker to access sensitive information on the DLNA server. Siemens has released updates for the DLNA server and recommends to apply the update on all installations where DLNA server used.
Risk Scores
CVSS v3.1
8.600000381469727
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N/E:P/RL:O/RC:C
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Siveillance Video DLNA Server |
Timeline
- Nov 9, 2021 CVE Published
- May 6, 2025 CVE Updated
References
- https://cert-portal.siemens.com/productcert/csaf/ssa-755517.json advisory
- https://cert-portal.siemens.com/productcert/txt/ssa-755517.txt advisory
- https://cert-portal.siemens.com/productcert/pdf/ssa-755517.pdf advisory
- https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2021/icsa-21-315-13.json advisory
- https://www.cisa.gov/news-events/ics-advisories/icsa-21-315-13 advisory
- https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01 url
- https://www.cisa.gov/resources-tools/resources/ics-recommended-practices url
- https://www.cisa.gov/topics/industrial-control-systems url
- https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf url
- https://www.cisa.gov/sites/default/files/publications/Cybersecurity_Best_Practices_for_Industrial_Control_Systems.pdf url
- https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B url
- https://support.industry.siemens.com/cs/ww/en/view/109766085/ fix
- https://support.industry.siemens.com/cs/ww/en/view/109769052/ fix
- https://support.industry.siemens.com/cs/ww/en/view/109773456/ fix
- https://support.industry.siemens.com/cs/ww/en/view/109779088/ fix
- https://support.industry.siemens.com/cs/ww/en/view/109781128/ fix
- https://support.industry.siemens.com/cs/ww/en/view/109791980/ fix
- https://support.industry.siemens.com/cs/ww/en/view/109801904/ fix