A vulnerability has been identified in License Management Utility (LMU) (All versions < V2.4). The lmgrd service of the affected application is executed with local SYSTEM privileges on the server while its configuration can be modified by local users. The vulnerability could allow a local authenticated attacker to execute arbitrary commands on the server with local SYSTEM privileges.
References
Link | Resource |
---|---|
https://cert-portal.siemens.com/productcert/pdf/ssa-709003.pdf | Vendor Advisory |
https://us-cert.cisa.gov/ics/advisories/icsa-20-252-03 | Third Party Advisory US Government Resource |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: siemens
Published: 2020-09-09T18:10:49
Updated: 2020-09-23T22:01:37
Reserved: 2020-03-04T00:00:00
Link: CVE-2020-10056
JSON object: View
NVD Information
Status : Analyzed
Published: 2020-09-09T19:15:18.773
Modified: 2023-01-24T01:44:48.783
Link: CVE-2020-10056
JSON object: View
Redhat Information
No data.