Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The Siemens SPCanywhere application for Android and iOS does not use encryption during lookups of system ID to IP address mappings, which allows man-in-the-middle attackers to discover alarm IP addresses and spoof servers by intercepting the client-server data stream.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Siemens SPCanywhere应用程序信息泄露漏洞
Vulnerability Description
Siemens SPCanywhere Application for Android和iOS是德国西门子(Siemens)公司的一套基于Android平台和iOS平台的允许用户通过手机远程访问西门子SPC入侵报警系统的移动应用程序。 基于Android和iOS平台的Siemens SPCanywhere应用程序中存在安全漏洞,该漏洞源于程序在系统ID到IP地址映射的查找过程中没有使用加密技术。攻击者可通过拦截client-server数据流利用该漏洞实施中间人攻击,发现入侵报警系统的IP地址,伪造数据,
CVSS Information
N/A
Vulnerability Type
N/A