Filtered by vendor Siemens
Subscriptions
Filtered by product Sicam Toolbox Ii
Subscriptions
Total
5 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-31853 | 1 Siemens | 1 Sicam Toolbox Ii | 2025-07-08 | 8.1 High |
| A vulnerability has been identified in SICAM TOOLBOX II (All versions < V07.11). During establishment of a https connection to the TLS server of a managed device, the affected application doesn't check the extended key usage attribute of that device's certificate. This could allow an attacker to execute an on-path network (MitM) attack. | ||||
| CVE-2024-31854 | 1 Siemens | 1 Sicam Toolbox Ii | 2025-07-08 | 8.1 High |
| A vulnerability has been identified in SICAM TOOLBOX II (All versions < V07.11). During establishment of a https connection to the TLS server of a managed device, the affected application doesn't check device's certificate common name against an expected value. This could allow an attacker to execute an on-path network (MitM) attack. | ||||
| CVE-2022-39062 | 1 Siemens | 1 Sicam Toolbox Ii | 2025-02-27 | 7.8 High |
| A vulnerability has been identified in SICAM TOOLBOX II (All versions < V07.10). Affected applications do not properly set permissions for product folders. This could allow an authenticated attacker with low privileges to replace DLLs and conduct a privilege escalation. | ||||
| CVE-2023-38641 | 1 Siemens | 1 Sicam Toolbox Ii | 2025-02-27 | 7.8 High |
| A vulnerability has been identified in SICAM TOOLBOX II (All versions < V07.10). The affected application's database service is executed as `NT AUTHORITY\SYSTEM`. This could allow a local attacker to execute operating system commands with elevated privileges. | ||||
| CVE-2021-45106 | 1 Siemens | 1 Sicam Toolbox Ii | 2024-11-21 | 6.5 Medium |
| A vulnerability has been identified in SICAM TOOLBOX II (All versions). Affected applications use a circumventable access control within a database service. This could allow an attacker to access the database. | ||||
Page 1 of 1.