CNNVD-202507-898 Information
Jul 08, 2025
cve
CNNVD ID
CNNVD-202507-898
Related CVE
- CNNVD Published: 2025-07-08
Description (Chinese)
Siemens SICAM TOOLBOX II是德国西门子(Siemens)公司的一款工程软件。 Siemens SICAM TOOLBOX II V07.11之前版本存在信任管理问题漏洞,该漏洞源于未检查设备证书的扩展密钥使用属性,可能导致中间人攻击。
Description (English)
Siemens SICAM TOOLBOX II is an engineering software from Siemens, Germany. The previous version of Siemens SICAM TOOLBOX II V07.11 had a trust management management gap, which stemmed from the failure to check the extension key use properties of the equipment certificate and could lead to an attack by an intermediary.
Hazard Level
Medium
Vulnerability Type
信任管理问题
Affected Vendor
西门子
Published
2025-07-08
Last Modified
2026-02-24
References
https://cert-portal.siemens.com/productcert/html/ssa-183963.html https://nvd.nist.gov/vuln/detail/CVE-2024-31853