Vulnerability Details CVE-2021-37207
A vulnerability has been identified in SENTRON powermanager V3 (All versions). The affected application assigns improper access rights to a specific folder containing configuration files. This could allow an authenticated local attacker to inject arbitrary code and escalate privileges.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 7.9%
CVSS Severity
CVSS v3 Score 7.8
CVSS v2 Score 7.2
References
Products affected by CVE-2021-37207
-
cpe:2.3:a:siemens:sentron_powermanager_3:3.0
-
cpe:2.3:a:siemens:sentron_powermanager_3:3.1
-
cpe:2.3:a:siemens:sentron_powermanager_3:3.2
-
cpe:2.3:a:siemens:sentron_powermanager_3:3.3
-
cpe:2.3:a:siemens:sentron_powermanager_3:3.4
-
cpe:2.3:a:siemens:sentron_powermanager_3:3.5
-
cpe:2.3:a:siemens:sentron_powermanager_3:3.6