CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2020-10056

A vulnerability has been identified in License Management Utility (LMU) (All versions < V2.4). The lmgrd service of the affected application is executed with local SYSTEM privileges on the server while its configuration can be modified by local users. The vulnerability could allow a local authenticated attacker to execute arbitrary commands on the server with local SYSTEM privileges.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 14.2%

CVSS Severity

CVSS v3 Score 7.8

CVSS v2 Score 7.2

References

https://cert-portal.siemens.com/productcert/pdf/ssa-709003.pdf
https://us-cert.cisa.gov/ics/advisories/icsa-20-252-03
https://cert-portal.siemens.com/productcert/pdf/ssa-709003.pdf
https://us-cert.cisa.gov/ics/advisories/icsa-20-252-03

Products affected by CVE-2020-10056

Siemens » License Management Utility » Version: 2.3.745

cpe:2.3:a:siemens:license_management_utility:2.3.745

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-10056

Products

Pricing

Contact Us