Lucene search
SiemensCVELIST:CVE-2020-10055HistoryAug 14, 2020 - 3:24 p.m.
CVE-2020-10055
2020-08-1415:24:06
CWE-94
siemens
www.cve.org
A vulnerability has been identified in Desigo CC (V4.x), Desigo CC (V3.x), Desigo CC Compact (V4.x), Desigo CC Compact (V3.x). Affected applications are delivered with a 3rd party component (BIRT) that contains a remote code execution vulnerability if the Advanced Reporting Engine is enabled. The vulnerability could allow a remote unauthenticated attacker to execute arbitrary commands on the server with SYSTEM privileges.
CNA Affected
[
{
"product": "Desigo CC",
"vendor": "Siemens AG",
"versions": [
{
"status": "affected",
"version": "V4.x"
}
]
},
{
"product": "Desigo CC",
"vendor": "Siemens AG",
"versions": [
{
"status": "affected",
"version": "V3.x"
}
]
},
{
"product": "Desigo CC Compact",
"vendor": "Siemens AG",
"versions": [
{
"status": "affected",
"version": "V4.x"
}
]
},
{
"product": "Desigo CC Compact",
"vendor": "Siemens AG",
"versions": [
{
"status": "affected",
"version": "V3.x"
}
]
}
]Related
prion
prion
Remote code execution
2020-08-14 16:15:00
nvd
nvd
CVE-2020-10055
2020-08-14 16:15:16
ics
ics
Siemens Desigo CC
2020-08-11 12:00:00
cve
cve
CVE-2020-10055
2020-08-14 16:15:16