CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2023-38557

A vulnerability has been identified in Spectrum Power 7 (All versions < V23Q3). The affected product assigns improper access rights to the update script. This could allow an authenticated local attacker to inject arbitrary code and escalate privileges.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 2.4%

CVSS Severity

CVSS v3 Score 8.2

References

https://cert-portal.siemens.com/productcert/pdf/ssa-357182.pdf
https://cert-portal.siemens.com/productcert/pdf/ssa-357182.pdf

Products affected by CVE-2023-38557

Siemens » Spectrum Power 7 » Version: N/A

cpe:2.3:a:siemens:spectrum_power_7:-
Siemens » Spectrum Power 7 » Version: 2.20

cpe:2.3:a:siemens:spectrum_power_7:2.20
Siemens » Spectrum Power 7 » Version: 2.30

cpe:2.3:a:siemens:spectrum_power_7:2.30

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-38557

Products

Pricing

Contact Us