cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-44102,https://securityvulnerability.io/vulnerability/CVE-2024-44102,Serielization Vulnerability in TeleControl Server Basic Could Allow Arbitrary Code Execution,"A vulnerability in Siemens TeleControl Server products has been identified that allows remote attackers to exploit insecure deserialization mechanisms. Specifically, all versions of the TeleControl Server Basic products (Basic 8 to 5000 V3.1) and related upgrades that are below version V3.1.2.1, when configured with redundancy, are affected. An unauthenticated attacker can send specially crafted serialized objects to the affected systems, potentially leading to arbitrary code execution with SYSTEM privileges. This presents a significant security risk, necessitating immediate action to protect deployed systems.",Siemens,"Pp Telecontrol Server Basic 1000 To 5000 V3.1,Pp Telecontrol Server Basic 256 To 1000 V3.1,Pp Telecontrol Server Basic 32 To 64 V3.1,Pp Telecontrol Server Basic 64 To 256 V3.1,Pp Telecontrol Server Basic 8 To 32 V3.1,Telecontrol Server Basic 1000 V3.1,Telecontrol Server Basic 256 V3.1,Telecontrol Server Basic 32 V3.1,Telecontrol Server Basic 5000 V3.1,Telecontrol Server Basic 64 V3.1,Telecontrol Server Basic 8 V3.1,Telecontrol Server Basic Serv Upgr,Telecontrol Server Basic Upgr V3.1",10,CRITICAL,0.0006000000284984708,false,,false,false,false,,false,false,2024-11-12T12:49:33.464Z,0