CVE-2019-13922

Summary

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V2.0 SP1). An attacker with administrative privileges can obtain the hash of a connected device's password. The security vulnerability could be exploited by an attacker with network access to the SINEMA Remote Connect Server and administrative privileges. At the time of advisory publication no public exploitation of this security vulnerability was known.

Affected Software

VendorProductVersion RangeStatus
Siemens AGSINEMA Remote Connect ServerAll versions < V2.0 SP1affected

Weaknesses

  • CWE-311: CWE-311: Missing Encryption of Sensitive Data

ADP Enrichment

CVE Program Container

Additional References

References