cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-29119,https://securityvulnerability.io/vulnerability/CVE-2024-29119,Local Privilege Escalation Vulnerability Affects Spectrum Power 7,"A vulnerability exists within Spectrum Power 7, affecting all versions prior to V24Q3, where several root-owned SUID binaries can be exploited by authenticated local attackers. This issue presents a significant risk as it may allow unauthorized escalation of privileges, enabling attackers to gain heightened access rights within the system. Organizations utilizing affected versions of Spectrum Power 7 should prioritize applying updates to mitigate potential exploitation of this critical vulnerability.",Siemens,Spectrum Power 7,7.8,HIGH,0.0004299999854993075,false,,false,false,false,,false,false,2024-11-12T12:49:27.011Z,0
CVE-2023-44120,https://securityvulnerability.io/vulnerability/CVE-2023-44120,Local Code Execution Vulnerability in Siemens Spectrum Power 7,"A vulnerability has been discovered in Spectrum Power 7, where improper sudo configuration enables the local administrative account to execute commands as the root user. This situation creates an avenue for authenticated local attackers to inject arbitrary code, potentially compromising system integrity and security. All versions earlier than V23Q4 are affected by this issue, necessitating prompt action from users to mitigate risks.",Siemens,Spectrum Power 7,7.8,HIGH,0.0004199999966658652,false,,false,false,false,,false,false,2024-01-09T10:15:00.000Z,0
CVE-2023-38557,https://securityvulnerability.io/vulnerability/CVE-2023-38557,Improper Access Control in Spectrum Power 7 by Siemens,"A security vulnerability has been discovered in Spectrum Power 7, which affects all versions prior to V23Q3. The issue stems from improper access rights assigned to the update script, enabling authenticated local attackers to potentially inject arbitrary code. This flaw may lead to privilege escalation, allowing malicious actors to gain unauthorized control over the affected system. Immediate analysis and remediation are essential for users running the impacted versions.",Siemens,Spectrum Power 7,7.8,HIGH,0.0004199999966658652,false,,false,false,false,,false,false,2023-09-14T11:15:00.000Z,0
CVE-2022-26476,https://securityvulnerability.io/vulnerability/CVE-2022-26476,Unauthenticated Access Vulnerability in Spectrum Power by Siemens,"A significant vulnerability exists in Spectrum Power systems where an unauthenticated attacker can exploit the Shared HIS component by utilizing default credentials. This potential security flaw enables an attacker to gain administrative access to the system, posing serious risks to data integrity and system control. Organizations using affected Spectrum Power versions should prioritize reviewing their deployed systems and update authentication practices to safeguard against unauthorized access.",Siemens,"Spectrum Power 4,Spectrum Power 7,Spectrum Power Mgms",8.8,HIGH,0.0005300000193528831,false,,false,false,false,,false,false,2022-06-14T09:21:38.000Z,0
CVE-2019-10933,https://securityvulnerability.io/vulnerability/CVE-2019-10933,,"A vulnerability has been identified in Spectrum Power 3 (Corporate User Interface) (All versions <= v3.11), Spectrum Power 4 (Corporate User Interface) (Version v4.75), Spectrum Power 5 (Corporate User Interface) (All versions < v5.50), Spectrum Power 7 (Corporate User Interface) (All versions <= v2.20). The web server could allow Cross-Site Scripting (XSS) attacks if unsuspecting users are tricked into accessing a malicious link. User interaction is required for a successful exploitation. The user does not need to be logged into the web interface in order for the exploitation to succeed.At the stage of publishing this security advisory no public exploitation is known.",Siemens Ag,"Spectrum Power 3 (corporate User Interface),Spectrum Power 4 (corporate User Interface),Spectrum Power 5 (corporate User Interface),Spectrum Power 7 (corporate User Interface)",6.1,MEDIUM,0.0007800000021234155,false,,false,false,false,,false,false,2019-07-11T21:17:47.000Z,0