QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2020-10055

Back to search

CVE-2020-10055

Published: Aug 14, 2020

Modified: Aug 4, 2024

PUBLISHED

Description

A vulnerability has been identified in Desigo CC (V4.x), Desigo CC (V3.x), Desigo CC Compact (V4.x), Desigo CC Compact (V3.x). Affected applications are delivered with a 3rd party component (BIRT) that contains a remote code execution vulnerability if the Advanced Reporting Engine is enabled. The vulnerability could allow a remote unauthenticated attacker to execute arbitrary commands on the server with SYSTEM privileges.

VendorProductVersions

Siemens AG

Desigo CC

affected
V4.x

Siemens AG

Desigo CC

affected
V3.x

Siemens AG

Desigo CC Compact

affected
V4.x

Siemens AG

Desigo CC Compact

affected
V3.x

Weaknesses (CWE)

CWE-94

References

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now