Vulnerabilities > CVE-2020-25245 - Unspecified vulnerability in Siemens Digsi 4 4.94

047910
CVSS 7.8 - HIGH
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
LOW
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH
local
low complexity
siemens

Summary

A vulnerability has been identified in DIGSI 4 (All versions < V4.94 SP1 HF 1). Several folders in the %PATH% are writeable by normal users. As these folders are included in the search for dlls, an attacker could place dlls there with code executed by SYSTEM.

Vulnerable Configurations

Part Description Count
Application
Siemens
3