CNNVD-202511-1000 Information

CNNVD ID

CNNVD-202511-1000

Related CVE

CVE-2024-32010

• CNNVD Published: 2025-11-11

Description (Chinese)

Siemens Spectrum Power是德国西门子（Siemens）公司的一套能源管理系统。 Siemens Spectrum Power 4 V4.70 SP12 Update 2之前版本存在安全漏洞，该漏洞源于凭证文件可被全局读取，可能导致攻击者以特权用户身份连接数据库并执行系统命令。

Description (English)

Siemens Spectrum Power is an energy management system of Siemens, Germany. There was a security loophole in the pre-version of Siemens Spectrum Power 4 V4.70 SP12 Update 2, which stemmed from the fact that document files were fully accessible and could lead to the attackers connecting the database with privileged user identities and implementing system orders.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

西门子

Published

2025-11-11

Last Modified

2026-02-24

References

https://cert-portal.siemens.com/productcert/html/ssa-339694.html https://access.redhat.com/security/cve/cve-2024-32010

Patch

https://cert-portal.siemens.com/productcert/html/ssa-339694.html