ZDI-22-1242: Siemens Simcenter Femap X_T File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Simcenter Femap. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.

SEC Consult SA-20220915-0 :: Local Privilege Escalation in SAP® SAPControl Web Service Interface (sapuxuserchk)

Posted by SEC Consult Vulnerability Lab, Research via Fulldisclosure on Sep 15

SEC Consult Vulnerability Lab Security Advisory < 20220915-0 >
=======================================================================
title: Local privilege escalation
product: SAP® SAPControl Web Service Interface (sapuxuserchk)
vulnerable version: see section “Vulnerable / tested versions”
fixed version: see SAP security note 3158619
CVE number: CVE-2022-29614…

SEC Consult SA-20220914-0 :: Improper Access Control in SAP® SAProuter

Posted by SEC Consult Vulnerability Lab, Research via Fulldisclosure on Sep 15

SEC Consult Vulnerability Lab Security Advisory < 20220914-0 >
=======================================================================
title: Improper Access Control
product: SAP® SAProuter
vulnerable version: see section “Vulnerable / tested versions”
fixed version: see SAP security note 3158375
CVE number: CVE-2022-27668
impact: high
homepage:…
