CVE-2024-36266 Information

Description

A vulnerability has been identified in PowerSys (All versions < V3.11). The affected application insufficiently protects responses to authentication requests. This could allow a local attacker to bypass authentication thereby gaining administrative privileges for the managed remote devices.

Reference

https://cert-portal.siemens.com/productcert/html/ssa-024584.html