CNNVD-202508-1024 Information

Aug 12, 2025 cve

CNNVD ID

CNNVD-202508-1024

CVE-2024-41986

CNNVD Published: 2025-08-12

Description (Chinese)

Siemens SmartClient modules Opcenter QL Home是德国西门子（Siemens）公司的一个客户端模块。 Siemens多款产品存在加密问题漏洞，该漏洞源于支持不安全的TLS协议，可能导致中间人攻击。以下产品及版本受到影响：SmartClient modules Opcenter QL Home、SOA Audit和SOA Cockpit V13.2至V2506之前版本。

Description (English)

Siemens SmartClient Modeules Oppenter QL Home is a client module of Siemens in Germany. There is a encryption loophole in the Siemens multi-products, which stems from supporting unsafe TLS agreements and may lead to attacks by intermediaries. The following products and versions were affected: SmartClitClitules Opcenter QL Home, SOA Audit and SOA Cockpit V13.2 to V2506.

Hazard Level

High

Vulnerability Type

加密问题

Affected Vendor

西门子

Published

2025-08-12

Last Modified

2026-02-24

References

https://cert-portal.siemens.com/productcert/html/ssa-382999.html

Patch

https://cert-portal.siemens.com/productcert/html/ssa-382999.html

Share on: