Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistSiemensCVELIST:CVE-2022-24408
HistoryMar 08, 2022 - 11:31 a.m.

CVE-2022-24408

2022-03-0811:31:30
CWE-269
siemens
www.cve.org
5
sinumerik mc
sinumerik one
vulnerability
escalate privileges
local attackers

AI Score

8

Confidence

High

EPSS

0

Percentile

5.1%

JSON

A vulnerability has been identified in SINUMERIK MC (All versions < V1.15 SP1), SINUMERIK ONE (All versions < V6.15 SP1). The sc SUID binary on affected devices provides several commands that are used to execute system commands or modify system files. A specific set of operations using sc could allow local attackers to escalate their privileges to root.

CNA Affected

[
  {
    "product": "SINUMERIK MC",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V1.15 SP1"
      }
    ]
  },
  {
    "product": "SINUMERIK ONE",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V6.15 SP1"
      }
    ]
  }
]

Related

prion 1
cnvd 1
ics 1
nvd 1
cve 1
prion
prion
Design/Logic Flaw
2022-03-08 12:15:00
cnvd
cnvd
Siemens SINUMERIK MC Elevation of Privilege Vulnerability
2022-03-09 00:00:00
ics
ics
Siemens SINUMERIK MC
2022-03-10 12:00:00
nvd
nvd
CVE-2022-24408
2022-03-08 12:15:11
cve
cve
CVE-2022-24408
2022-03-08 12:15:11

AI Score

8

Confidence

High

EPSS

0

Percentile

5.1%

JSON
Related for CVELIST:CVE-2022-24408
prion1cnvd1ics1nvd1cve1