The Siemens SPCanywhere application for Android and iOS does not use encryption during lookups of system ID to IP address mappings, which allows man-in-the-middle malicious users to discover alarm IP addresses and spoof servers by intercepting the client-server data stream.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
siemens spcanywhere |