CVE-2021-31891
CRITICAL
10.0
CVSS Severity Score
Vulnerability Description
A vulnerability has been identified in Desigo CC (All versions with OIS Extension Module), GMA-Manager (All versions with OIS running on Debian 9 or earlier), Operation Scheduler (All versions with OIS running on Debian 9 or earlier), Siveillance Control (All versions with OIS running on Debian 9 or earlier), Siveillance Control Pro (All versions). The affected application incorrectly neutralizes special elements in a specific HTTP GET request which could lead to command injection. An unauthenticated remote attacker could exploit this vulnerability to execute arbitrary code on the system with root privileges.
Affected Platforms (CPE)
π¦
Siemens
Desigo Cc
All versionsπ¦
Siemens
Siveillance Control Pro
All versionsπ¦
Siemens
Gma Manager
All versionsπ¦
Siemens
Operation Scheduler
All versionsπ¦
Siemens