SSA-786743 (Last Update: 2020-08-11): Code Injection Vulnerability in Advanced Reporting for Desigo CC and Desigo CC Compact
Published
2020-08-11 00:00:00 UTC
Summary
The extension module Advanced Reporting for Desigo CC and Desigo CC Compact contains a code injection vulnerability, which could be exploited if the extension module is installed on the server and configured.
Siemens has released patches for the affected products and recommends specific countermeasures for unpatched systems.