CVE-2016-8565

Siemens Automation License Manager (ALM) before 5.3 SP3 allows remote attackers to write to files, rename files, create directories, or delete directories via crafted packets.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
9.1 CRITICAL
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 78%
VendorProductVersion
siemensautomation_license_manager
𝑥
≤ 5.3
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.securityfocus.com/bid/93553
http://www.securitytracker.com/id/1037011
http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-284342.pdf
https://ics-cert.us-cert.gov/advisories/ICSA-16-287-02
http://www.securityfocus.com/bid/93553
http://www.securitytracker.com/id/1037011
http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-284342.pdf
https://ics-cert.us-cert.gov/advisories/ICSA-16-287-02