Vulnerability Details CVE-2022-32252
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). The application does not perform the integrity check of the update packages. Without validation, an admin user might be tricked to install a malicious package, granting root privileges to an attacker.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 22.6%
CVSS Severity
CVSS v3 Score 6.5
CVSS v2 Score 9.3
References
Products affected by CVE-2022-32252
-
cpe:2.3:a:siemens:sinema_remote_connect_server:-
-
cpe:2.3:a:siemens:sinema_remote_connect_server:1.0
-
cpe:2.3:a:siemens:sinema_remote_connect_server:1.1
-
cpe:2.3:a:siemens:sinema_remote_connect_server:1.2
-
cpe:2.3:a:siemens:sinema_remote_connect_server:1.3
-
cpe:2.3:a:siemens:sinema_remote_connect_server:2.0
-
cpe:2.3:a:siemens:sinema_remote_connect_server:3.0