Lucene search
China National Vulnerability DatabaseCNVD-2023-02705HistoryJan 13, 2023 - 12:00 a.m.
External control vulnerability in Siemens Automation License Manager filename or path
2023-01-1300:00:00
China National Vulnerability Database
www.cnvd.org.cn
18
siemens
automation license manager
vulnerability
external control
file names
paths
unauthenticated remote attacker
system user
security document
EPSS
0.002
Percentile
59.0%
Automation License Manager (ALM) centrally manages the license keys for various Siemens software products. Software products that require a license key automatically report this requirement to ALM. When ALM finds a valid license key for this software, the software can be used according to the end user license agreement.An external control vulnerability exists in Siemens Automation License Manager for file names or paths, which can be exploited by an unauthenticated remote attacker to rename and move files as a SYSTEM user.
Related
nvd
nvd
CVE-2022-43513
2023-01-10 12:15:23
CVE-2022-43514
2023-01-10 12:15:23
prion
prion
Authentication flaw
2023-01-10 12:15:00
Remote code execution
2023-01-10 12:15:00
cvelist
cvelist
CVE-2022-43513
2023-01-10 11:39:38
CVE-2022-43514
2023-01-10 11:39:39
cve
cve
CVE-2022-43513
2023-01-10 12:15:23
CVE-2022-43514
2023-01-10 12:15:23
nessus
nessus
ics
ics
Siemens Automation License Manager
2023-01-13 12:00:00
Siemens Telecontrol Server Basic
2024-04-11 12:00:00
thn
thn