SSA-047424 — Vulnetix

SSA-047424 PUBLISHED CVSS 10 CRITICAL

OZW672 and OZW772 Web Server versions contain vulnerabilities that could allow an attacker to execute arbitrary code on the device with root privileges (in versions before V8.0) or to authenticate as Administrator user (in versions before V6.0). Siemens has released new versions for the affected products and recommends to update to the latest versions.

Risk Scores

CVSS 3.1

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Affected Products

Vendor	Product	Versions
	OZW672
	OZW772

Exploit Intelligence

https://cert-portal.siemens.com/productcert/html/ssa-047424.html (circl)
https://cert-portal.siemens.com/productcert/csaf/ssa-047424.json (circl)
https://support.industry.siemens.com/cs/ww/en/view/62567396/ (circl)
https://support.industry.siemens.com/cs/ww/en/view/62564534/ (circl)

Timeline

May 13, 2025 CVE Published

References

https://cert-portal.siemens.com/productcert/html/ssa-047424.html advisory
https://cert-portal.siemens.com/productcert/csaf/ssa-047424.json advisory
https://support.industry.siemens.com/cs/ww/en/view/62567396/ fix
https://support.industry.siemens.com/cs/ww/en/view/62564534/ fix

Open in Interactive Console →