A vulnerability has been identified in SINEMA Remote Connect Client (All versions < V3.2 HF1). The system service of affected applications is vulnerable to command injection due to missing server side input sanitation when loading VPN configurations. This could allow an authenticated local attacker to execute arbitrary code with system privileges.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: siemens
Published: 2024-07-09T12:05:11.543Z
Updated: 2024-08-02T04:26:16.003Z
Reserved: 2024-06-25T15:55:17.885Z
Link: CVE-2024-39567
Vulnrichment
Updated: 2024-07-10T13:52:56.037Z
NVD
Status : Awaiting Analysis
Published: 2024-07-09T12:15:16.053
Modified: 2024-11-21T09:28:01.753
Link: CVE-2024-39567
Redhat
No data.