← Back to home
SIEMENS-SSA-324467  ·  Published 2019-04-09  ·  View on Siemens ProductCERT ↗

SSA-324467 (Last Update: 2019-04-09): OS Command Injection in Spectrum Power 4.7

CVSS N/A MEDIUM

Risk Summary

<p>Versions of Spectrum Power™ 4, that use the customer specific project enhancement (PE) Web Office Portal (WOP) are affected by a possible OS Command Injection vulnerability. Siemens has released patches for the affected version and recommends to apply specific countermeasures until these patches can be applied.</p>

Remediations

  • Refer to Siemens ProductCERT advisory for patch and remediation guidance.

Affected Vendors

Siemens

Affected Products (1)

Siemens · SSA-324467 (Last Update: 2019-04-09): OS Command Injection in Spectrum Power 4.7 See advisory

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more