Critical Infrastructure Sectors: Critical Manufacturing
A vulnerability has been identified in SINUMERIK MC (All versions < V1.15 SP1), SINUMERIK ONE (All versions < V6.15 SP1). The sc SUID binary on affected devices provides several commands that are used to execute system commands or modify system files. A specific set of operations using sc could allow local malicious users to escalate their privileges to root.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
siemens sinumerik_mc_firmware |
||
siemens sinumerik_mc_firmware 1.15 |
||
siemens sinumerik_one_firmware |
||
siemens sinumerik_one_firmware 6.15 |