Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Siemens Subscribe
Filtered by product Spcanywhere
Total 5 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2015-1595 1 Siemens 1 Spcanywhere 2015-07-15 4.3 MEDIUM N/A
The Siemens SPCanywhere application for Android and iOS does not use encryption during lookups of system ID to IP address mappings, which allows man-in-the-middle attackers to discover alarm IP addresses and spoof servers by intercepting the client-server data stream.
CVE-2015-1599 1 Siemens 1 Spcanywhere 2015-03-09 2.1 LOW N/A
The Siemens SPCanywhere application for iOS allows physically proximate attackers to bypass intended access restrictions by leveraging a filesystem architectural error.
CVE-2015-1596 1 Siemens 1 Spcanywhere 2015-03-09 5.8 MEDIUM N/A
The Siemens SPCanywhere application for Android and iOS does not properly verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2015-1598 1 Siemens 1 Spcanywhere 2015-03-09 2.1 LOW N/A
The Siemens SPCanywhere application for Android does not properly store application passwords, which allows physically proximate attackers to obtain sensitive information by examining the device filesystem.
CVE-2015-1597 1 Siemens 1 Spcanywhere 2015-03-09 6.8 MEDIUM N/A
The Siemens SPCanywhere application for Android does not use encryption during the loading of code, which allows man-in-the-middle attackers to execute arbitrary code by modifying the client-server data stream.