← volver
CVE-2020-10056

CVE-2020-10056

EPSS 0.4%CWE-250
Vexday Risk Score
3Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS EPSS 0.4%KEV nãoPoC Nuclei Metasploit Patch
Ciclo de vida
09 sep 2020Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
A vulnerability has been identified in License Management Utility (LMU) (All versions < V2.4). The lmgrd service of the affected application is executed with local SYSTEM privileges on the server while its configuration can be modified by local users. The vulnerability could allow a local authenticated attacker to execute arbitrary commands on the server with local SYSTEM privileges.
Productos afectados
Siemens AG · License Management Utility (LMU)

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://cert-portal.siemens.com/productcert/pdf/ssa-709003.pdfhttps://us-cert.cisa.gov/ics/advisories/icsa-20-252-03