A vulnerability has been identified in SIPORT MP (All versions < 3.1.4). Vulnerable versions of the device allow the creation of special accounts (βservice usersβ) with administrative privileges that could enable a remote authenticated attacker to perform actions that are not visible to other users of the system, such as granting persons access to a secured area.
[
{
"product": "SIPORT MP",
"vendor": "Siemens AG",
"versions": [
{
"status": "affected",
"version": "All versions < 3.1.4"
}
]
}
]