CVE-2019-18283

EPSS 5.4% · CWE-502

In short

The SPPA-T3000 Application Server exposes an unprotected service to which anyone with network access can send malicious data, resulting in arbitrary code execution on the server. This is dangerous because attackers can take full control of the system.

Technical detail

A CWE-502 (Deserialization of Untrusted Data) vulnerability in the AdminService of SPPA-T3000 versions prior to R8.2 SP2. The service accepts remote objects without authentication and deserializes them without validation, enabling remote code execution. Exploitation requires network access to the Application Highway.

Summary generated and translated by AI from the official description.

A vulnerability has been identified in SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2). The AdminService is available without authentication on the Application Server. An attacker can gain remote code execution by sending specifically crafted objects to one of its functions. Please note that an attacker needs to have access to the Application Highway in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known.
