CNNVD-202507-895 Information

CNNVD ID

CNNVD-202507-895

Related CVE

CVE-2024-31854

• CNNVD Published: 2025-07-08

Description (Chinese)

Siemens SICAM TOOLBOX II是德国西门子（Siemens）公司的一款工程软件。 Siemens SICAM TOOLBOX II V07.11之前版本存在信任管理问题漏洞，该漏洞源于未检查设备证书的通用名称，可能导致中间人攻击。

Description (English)

Siemens SICAM TOOLBOX II is an engineering software from Siemens, Germany. The previous version of Siemens SICAM TOOLBOX II V07.11 had a confidence management gap, which originated from the common name of the unchecked equipment certificate and could lead to an attack by an intermediary.

Hazard Level

Medium

Vulnerability Type

信任管理问题

Affected Vendor

西门子

Published

2025-07-08

Last Modified

2026-02-24

References

https://cert-portal.siemens.com/productcert/html/ssa-183963.html https://nvd.nist.gov/vuln/detail/CVE-2024-31854

Patch

https://support.industry.siemens.com/cs/document/109822197/sicam-toolbox-ii-v07-10-and-v07-11-package?lc=en-ww