This script is Copyright (C) 2023-2024 and is owned by Tenable, Inc. or an Affiliate thereof.SCADA_SIEMENS_ALM_SSA_476715.NBINSiemens Automation License Manager 5.x < 6.0 SP9 Upd4 Multiple Vulnerabilities (SSA-476715)
EPSS
Percentile
91.1%
The version of Siemens Automation License Manager installed on the remote host is version 5.x prior to 6.0 SP9 Upd4. It is, therefore, affected by multiple vulnerabilities.
-
A vulnerability has been identified in Automation License Manager V5 (All versions), Automation License Manager V6 (All versions < V6.0 SP9 Upd4). The affected components allow to rename license files with user chosen input without authentication. This could allow an unauthenticated remote attacker to rename and move files as SYSTEM user. (CVE-2022-43513)
-
A vulnerability has been identified in Automation License Manager V5 (All versions), Automation License Manager V6 (All versions < V6.0 SP9 Upd4). The affected component does not correctly validate the root path on folder related operations, allowing to modify files and folders outside the intended root directory. This could allow an unauthenticated remote attacker to execute file operations of files outside of the specified root folder. Chained with CVE-2022-43513 this could allow Remote Code Execution.
(CVE-2022-43514)
Note that Nessus has not tested for this issue but has instead relied only on the application’s self-reported version number.
Binary data scada_siemens_alm_ssa_476715.nbinRelated
