Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2021-37207

EPSS 0.03% · P10
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2021-37207

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
A vulnerability has been identified in SENTRON powermanager V3 (All versions). The affected application assigns improper access rights to a specific folder containing configuration files. This could allow an authenticated local attacker to inject arbitrary code and escalate privileges.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
关键资源的不正确权限授予
Source: NVD (National Vulnerability Database)
Vulnerability Title
Siemens Sentron Powermanager 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Siemens Sentron Powermanager是德国西门子(Siemens)公司的一个电源管理软件。用于与测量设备一起提供电源管理解决方案,以提高能源透明度并降低能源成本。 Siemens Sentron Powermanager V3 版本存在安全漏洞,该漏洞源于受影响的应用程序对包含配置文件的特定文件夹分配了不正确的访问权限。这可能允许经过身份验证的本地攻击者可利用该漏洞注入任意代码并升级特权。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
SiemensSENTRON powermanager V3 All versions -

II. Public POCs for CVE-2021-37207

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2021-37207

登录查看更多情报信息。

Same Patch Batch · Siemens · 2021-11-09 · 25 CVEs total

CVE-2021-403589.9 CRITICALSiemens SIMATIC PCS 7和SIMATIC WinCC 路径遍历漏洞
CVE-2021-313468.2 HIGHSiemens Nucleus 安全漏洞
CVE-2021-403597.7 HIGHSiemens SIMATIC PCS 7和SIMATIC WinCC 路径遍历漏洞
CVE-2021-318907.5 HIGHSiemens Nucleus ReadyStart 安全漏洞
CVE-2021-318897.5 HIGHSiemens Nucleus 数字错误漏洞
CVE-2021-313457.5 HIGHSiemens Nucleus 安全漏洞
CVE-2021-318817.1 HIGHSiemens Nucleus ReadyStart 缓冲区错误漏洞
CVE-2021-318837.1 HIGHSiemens Nucleus ReadyStart 缓冲区错误漏洞
CVE-2021-318826.5 MEDIUMSiemens Nucleus 缓冲区错误漏洞
CVE-2021-403645.5 MEDIUMSiemens SIMATIC PCS 7和SIMATIC WinCC 日志信息泄露漏洞
CVE-2021-313445.3 MEDIUMSiemens Nucleus ReadyStart 安全漏洞
CVE-2021-31886Siemens Nucleus ReadyStart 缓冲区错误漏洞
CVE-2020-10052SIMATIC RTLS 日志信息泄露漏洞
CVE-2020-10053SIMATIC RTLS 安全漏洞
CVE-2020-10054SIMATIC RTLS 输入验证错误漏洞
CVE-2021-31884Siemens Nucleus ReadyStart 安全漏洞
CVE-2021-31885Siemens Nucleus ReadyStart 安全漏洞
CVE-2021-42026Siemens Mendix 安全漏洞
CVE-2021-31888Siemens Nucleus ReadyStart 缓冲区错误漏洞
CVE-2021-31887Siemens Nucleus ReadyStart 缓冲区错误漏洞

Showing top 20 of 25 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same vendor: Siemens
Same weakness: CWE-732

V. Comments for CVE-2021-37207

No comments yet

Leave a comment