Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Sprecher-automation Subscribe
Filtered by product Sprecon-e
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-11496 1 Sprecher-automation 1 Sprecon-e 2021-07-21 7.2 HIGH 6.7 MEDIUM
Sprecher SPRECON-E firmware prior to 8.64b might allow local attackers with access to engineering data to insert arbitrary code. This firmware lacks the validation of the input values on the device side, which is provided by the engineering software during parameterization. Attackers with access to local configuration files can therefore insert malicious commands that are executed after compiling them to valid parameter files (“PDLs”), transferring them to the device, and restarting the device.