CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2023-44120

A vulnerability has been identified in Spectrum Power 7 (All versions < V23Q4). The affected product's sudo configuration permits the local administrative account to execute several entries as root user. This could allow an authenticated local attacker to inject arbitrary code and gain root access.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 14.3%

CVSS Severity

CVSS v3 Score 7.8

References

https://cert-portal.siemens.com/productcert/pdf/ssa-786191.pdf
https://cert-portal.siemens.com/productcert/pdf/ssa-786191.pdf

Products affected by CVE-2023-44120

Siemens » Spectrum Power 7 » Version: N/A

cpe:2.3:a:siemens:spectrum_power_7:-
Siemens » Spectrum Power 7 » Version: 2.20

cpe:2.3:a:siemens:spectrum_power_7:2.20
Siemens » Spectrum Power 7 » Version: 2.30

cpe:2.3:a:siemens:spectrum_power_7:2.30
Siemens » Spectrum Power 7 » Version: 23q3

cpe:2.3:a:siemens:spectrum_power_7:23q3

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-44120

Products

Pricing

Contact Us