CVE-2020-7583

Summary

A vulnerability has been identified in Automation License Manager 5 (All versions), Automation License Manager 6 (All versions < V6.0.8). The application does not properly validate the users' privileges when executing some operations, which could allow a user with low permissions to arbitrary modify files that should be protected against writing.

Affected Software

VendorProductVersion RangeStatus
Siemens AGAutomation License Manager 5All versionsaffected
Siemens AGAutomation License Manager 6All versions < V6.0.8affected

Weaknesses

  • CWE-285: CWE-285: Improper Authorization

ADP Enrichment

CVE Program Container

Additional References

References