CVE-2020-28392
CVE-2020-28392
Vexday Risk Score
3Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS —EPSS 0.3%KEV nãoPoC —Nuclei —Metasploit —Patch —
Ciclo de vida
09 feb 2021Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
A vulnerability has been identified in SIMARIS configuration (All versions < V4.0.1). During installation to default target folder, incorrect permissions are configured for the application folder and subfolders which could allow an attacker to gain persistence or potentially escalate privileges should a user with elevated credentials log onto the machine.
Productos afectados
Siemens · SIMARIS configuration¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →