Skip to main content

Spcanywhere

5 CVEs product

Monthly

CVE-2015-1599 LOW Monitor

The Siemens SPCanywhere application for iOS allows physically proximate attackers to bypass intended access restrictions by leveraging a filesystem architectural error. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. No vendor patch available.

Apple Privilege Escalation Siemens Spcanywhere
NVD
CVSS 2.0
2.1
EPSS
0.1%
CVE-2015-1598 LOW Monitor

The Siemens SPCanywhere application for Android does not properly store application passwords, which allows physically proximate attackers to obtain sensitive information by examining the device. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. No vendor patch available.

Google Information Disclosure Siemens Spcanywhere
NVD
CVSS 2.0
2.1
EPSS
0.1%
CVE-2015-1597 MEDIUM This Month

The Siemens SPCanywhere application for Android does not use encryption during the loading of code, which allows man-in-the-middle attackers to execute arbitrary code by modifying the client-server. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

RCE Google Code Injection Siemens Spcanywhere
NVD
CVSS 2.0
6.8
EPSS
0.4%
CVE-2015-1596 MEDIUM This Month

The Siemens SPCanywhere application for Android and iOS does not properly verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable. No vendor patch available.

Apple Google Information Disclosure Siemens Spcanywhere
NVD
CVSS 2.0
5.8
EPSS
0.1%
CVE-2015-1595 MEDIUM This Month

The Siemens SPCanywhere application for Android and iOS does not use encryption during lookups of system ID to IP address mappings, which allows man-in-the-middle attackers to discover alarm IP. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Apple Google Information Disclosure Siemens Spcanywhere
NVD
CVSS 2.0
4.3
EPSS
0.1%
EPSS 0% CVSS 2.1
LOW Monitor

The Siemens SPCanywhere application for iOS allows physically proximate attackers to bypass intended access restrictions by leveraging a filesystem architectural error. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. No vendor patch available.

Apple Privilege Escalation Siemens +1
NVD
EPSS 0% CVSS 2.1
LOW Monitor

The Siemens SPCanywhere application for Android does not properly store application passwords, which allows physically proximate attackers to obtain sensitive information by examining the device. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. No vendor patch available.

Google Information Disclosure Siemens +1
NVD
EPSS 0% CVSS 6.8
MEDIUM This Month

The Siemens SPCanywhere application for Android does not use encryption during the loading of code, which allows man-in-the-middle attackers to execute arbitrary code by modifying the client-server. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

RCE Google Code Injection +2
NVD
EPSS 0% CVSS 5.8
MEDIUM This Month

The Siemens SPCanywhere application for Android and iOS does not properly verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable. No vendor patch available.

Apple Google Information Disclosure +2
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

The Siemens SPCanywhere application for Android and iOS does not use encryption during lookups of system ID to IP address mappings, which allows man-in-the-middle attackers to discover alarm IP. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Apple Google Information Disclosure +2
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy