A vulnerability has been identified in SIMATIC Energy Manager Basic (All versions < V7.3 Update 1), SIMATIC Energy Manager PRO (All versions < V7.3 Update 1). The affected system allows remote users to send maliciously crafted objects. Due to insecure deserialization of user-supplied content by the affected software, an unauthenticated attacker could exploit this vulnerability by sending a maliciously crafted serialized object. This could allow the malicious user to execute arbitrary code on the device with SYSTEM privileges.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
siemens simatic energy manager basic |
||
siemens simatic energy manager basic 7.3 |
||
siemens simatic energy manager pro |
||
siemens simatic energy manager pro 7.3 |