Home
MEDIUM: 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:HHIGH: 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:NDefault status
unknown
Any version before V26.20
affected
Default status
unknown
Any version before V26.20.0
affected
Description
A vulnerability has been identified in CPCI85 Central Processing/Communication (All versions < V26.20), SICORE Base system (All versions < V26.20.0). The affected application contains a vulnerability in its firmware update mechanism's signature validation process. This could allow an attacker to install malicious firmware, leading to persistent code execution and system compromise.
Problem types
Product status
Any version before V26.20
Any version before V26.20.0
References
cert-portal.siemens.com/productcert/html/ssa-229470.html