SSA-692317 — Vulnetix

SSA-692317 PUBLISHED CVSS 9.800000190734863 CRITICAL

The latest update for Industrial Edge fixes a vulnerability that could allow an unauthenticated attacker to change the password of any user in the system. With this an attacker could impersonate any valid user on an affected system. Siemens has released updates for the affected products and recommends to update to the latest versions.

Risk Scores

CVSS 3.1

9.800000190734863

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C

Affected Products

Vendor	Product	Versions
	Industrial Edge Management

Exploit Intelligence

https://cert-portal.siemens.com/productcert/pdf/ssa-692317.pdf (circl)
https://cert-portal.siemens.com/productcert/txt/ssa-692317.txt (circl)
https://cert-portal.siemens.com/productcert/csaf/ssa-692317.json (circl)
https://iehub.eu1.edge.siemens.cloud/ (circl)

Timeline

CVE Published

References

https://cert-portal.siemens.com/productcert/pdf/ssa-692317.pdf advisory
https://cert-portal.siemens.com/productcert/txt/ssa-692317.txt advisory
https://cert-portal.siemens.com/productcert/csaf/ssa-692317.json advisory
https://iehub.eu1.edge.siemens.cloud/ fix

Open in Interactive Console →