CVE-2024-47553 Information

Description

A vulnerability has been identified in Siemens SINEC Security Monitor (All versions < V4.9.0). The affected application does not properly validate user input to the ssmctl-client command. This could allow an authenticated lowly privileged remote attacker to execute arbitrary code with root privileges on the underlying OS.

Reference

https://cert-portal.siemens.com/productcert/html/ssa-430425.html