CVE-2024-47563
CVSS Score
5.3
EPSS Score
0.0%
EPSS Percentile
0th
A vulnerability has been identified in SINEC Security Monitor (All versions < V4.9.0). The affected application does not properly validate a file path that is supplied to an endpoint intended to create CSR files. This could allow an unauthenticated remote attacker to create files in writable directories outside the intended location and thus compromise integrity of files in those writable directories.
| CWE | CWE-22 |
| Vendor | siemens |
| Product | sinec security monitor |
| Ecosystems | |
| Industries | IndustrialManufacturing |
| Published | Oct 8, 2024 |
| Last Updated | Mar 10, 2026 |
Stay Ahead of the Next One
Get instant alerts for siemens sinec security monitor
Be the first to know when new medium vulnerabilities affecting siemens sinec security monitor are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
CVSS v3 Breakdown
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Affected Versions
Siemens / SINEC Security Monitor
0 < V4.9.0