Publication Date: | 2022-04-12 |
Last Update: | 2022-04-12 |
Current Version: | V1.0 |
CVSS v3.1 Base Score: | 10.0 |
Affected Product and Versions | Remediation |
---|---|
SIMATIC Energy Manager Basic:
All versions < V7.3 Update 1 |
Update to V7.3 Update 1 or later version
https://support.industry.siemens.com/cs/ww/en/view/109808211/ See further recommendations from section Workarounds and Mitigations |
SIMATIC Energy Manager PRO:
All versions < V7.3 Update 1 |
Update to V7.3 Update 1 or later version
https://support.industry.siemens.com/cs/ww/en/view/109808211/ See further recommendations from section Workarounds and Mitigations |
CVSS v3.1 Base Score | 7.3 |
CVSS Vector | CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
CWE: | CWE-732: Incorrect Permission Assignment for Critical Resource |
CVSS v3.1 Base Score | 7.3 |
CVSS Vector | CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
CWE: | CWE-427: Uncontrolled Search Path Element |
CVSS v3.1 Base Score | 10.0 |
CVSS Vector | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C |
CWE: | CWE-502: Deserialization of Untrusted Data |