Siemens

Spcanywhere

5 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
2.1

CVE-2015-1599

  • EPSS 0.06%
  • Veröffentlicht 07.03.2015 02:59:08
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The Siemens SPCanywhere application for iOS allows physically proximate attackers to bypass intended access restrictions by leveraging a filesystem architectural error.

2.1

CVE-2015-1598

  • EPSS 0.06%
  • Veröffentlicht 07.03.2015 02:59:07
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The Siemens SPCanywhere application for Android does not properly store application passwords, which allows physically proximate attackers to obtain sensitive information by examining the device filesystem.

6.8

CVE-2015-1597

  • EPSS 0.4%
  • Veröffentlicht 07.03.2015 02:59:06
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The Siemens SPCanywhere application for Android does not use encryption during the loading of code, which allows man-in-the-middle attackers to execute arbitrary code by modifying the client-server data stream.

5.8

CVE-2015-1596

  • EPSS 0.14%
  • Veröffentlicht 07.03.2015 02:59:05
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The Siemens SPCanywhere application for Android and iOS does not properly verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

4.3

CVE-2015-1595

  • EPSS 0.14%
  • Veröffentlicht 07.03.2015 02:59:04
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The Siemens SPCanywhere application for Android and iOS does not use encryption during lookups of system ID to IP address mappings, which allows man-in-the-middle attackers to discover alarm IP addresses and spoof servers by intercepting the client-s...