CVE-2024-47562 Information

Description

A vulnerability has been identified in Siemens SINEC Security Monitor (All versions < V4.9.0). The affected application does not properly neutralize special elements in user input to the ssmctl-client command. This could allow an authenticated lowly privileged local attacker to execute privileged commands in the underlying OS.

Reference

https://cert-portal.siemens.com/productcert/html/ssa-430425.html