Siemens: >> Ruggedcom Crossbow >> 5.2 Security Vulnerabilities
A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.4). The affected applications accept unauthenticated file write messages. An unauthenticated remote attacker could write arbitrary files to the affected application's file system.
CVSS Score
5.3
EPSS Score
0.003
Published
2023-08-08
A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.4). The affected applications is vulnerable to SQL injection. This could allow an authenticated remote attackers to execute arbitrary SQL queries on the server database and escalate privileges.
CVSS Score
8.8
EPSS Score
0.006
Published
2023-08-08
A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.3). The client query handler of the affected application fails to check for proper permissions for specific read queries. This could allow authenticated remote attackers to access data they are not authorized for.
CVSS Score
3.1
EPSS Score
0.001
Published
2023-03-14
A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.3). The audit log form of affected applications is vulnerable to SQL injection. This could allow authenticated remote attackers to execute arbitrary SQL queries on the server database.
CVSS Score
8.8
EPSS Score
0.006
Published
2023-03-14
Page 2