← Back to home
SIEMENS-SSA-884497  ·  Published 2019-09-10  ·  View on Siemens ProductCERT ↗

SSA-884497 (Last Update: 2019-09-10): Multiple Vulnerabilities in SINEMA Remote Connect Server

CVSS N/A MEDIUM

Risk Summary

<p>The latest update for SINEMA Remote Connect Server fixes four vulnearbilities in the web interface. Two of the vulnerabilities are missing protection mechanisms for password guessing and for Cross Site Request Forgery attacks, the third one is a missing authentication check, and the fourth one could allow an attacker with administrative privileges to obtain a device password hash.</p> <p>Siemens has released updates and recommends to update to the newest version.</p>

Remediations

  • Refer to Siemens ProductCERT advisory for patch and remediation guidance.

Affected Vendors

Siemens

Affected Products (1)

Siemens · SSA-884497 (Last Update: 2019-09-10): Multiple Vulnerabilities in SINEMA Remote Connect Server See advisory

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more