CVE-2023-38641

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Aug 8, 2023

Updated: Aug 15, 2023

CWE ID 250

Summary

CVE-2023-38641 is a newly discovered vulnerability affecting SICAM TOOLBOX II (all versions below V07.10). The issue lies in the application's database service, which runs under the `NT AUTHORITY\\SYSTEM` account. This weakness grants local attackers the ability to execute operating system commands with elevated privileges, potentially leading to significant system compromise.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Siemens SICAM Toolbox II

Affected Vendors

Siemens AG

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/sEmeqV
https://www.cve.org/CVERecord?id=CVE-2023-38641
https://nvd.nist.gov/vuln/detail/CVE-2023-38641

Back to Vulnerability Database