CVE-2021-31338

High

A vulnerability has been identified in SINEMA Remote Connect Client (All versions < V3.0 SP1). Affected devices allow to modify…

siemens·CWE-15·Published 2021-08-19

CVSS

7.8

EPSS

0.00

KEV

Exploits

cve.orgen

276 chars

A vulnerability has been identified in SINEMA Remote Connect Client (All versions < V3.0 SP1). Affected devices allow to modify configuration settings over an unauthenticated channel. This could allow a local attacker to escalate privileges and execute own code on the device.

NVDen

276 chars

NVDes

331 chars

Se ha identificado una vulnerabilidad en SINEMA Remote Connect Client (Todas las versiones anteriores a V3.0 SP1). Los dispositivos afectados permiten modificar los ajustes de configuración a través de un canal no autenticado. Esto podría permitir a un atacante local escalar privilegios y ejecutar código propio en el dispositivo.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	4.6	3.9	6.4	AV:L/AC:L/Au:N/C:P/I:P/A:P
3.1	Primary	NVD	7.8	1.8	5.9	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H