Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A vulnerability has been identified in SIMATIC IPC DiagBase (All versions), SIMATIC IPC DiagMonitor (All versions). The affected device do not properly restrict the user permission for the registry key. This could allow an authenticated attacker to load vulnerable drivers into the system leading to privilege escalation or bypassing endpoint protection and other security measures.
CVSS Information
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
关键资源的不正确权限授予
Vulnerability Title
Siemens SIMATIC IPC DiagBase 安全漏洞
Vulnerability Description
Siemens SIMATIC IPC DiagBase是德国西门子(Siemens)公司的一款诊断软件,用于监控和诊断 SIMATIC IPC(工业计算机)的硬件和系统状态。 Siemens SIMATIC IPC DiagBase存在安全漏洞,该漏洞源于受影响的设备未正确限制用户对注册表项的权限。这可能允许经过身份验证的攻击者将易受攻击的驱动程序加载到系统中,从而导致权限提升或绕过端点保护和其他安全措施。
CVSS Information
N/A
Vulnerability Type
N/A