High severity8.8NVD Advisory· Published Aug 7, 2018· Updated Jun 17, 2026
CVE-2018-11455
CVE-2018-11455
Description
A vulnerability has been identified in Automation License Manager 5 (All versions < 5.3.4.4), Automation License Manager 6 (All versions < 6.0.1). A directory traversal vulnerability could allow a remote attacker to move arbitrary files, which can result in code execution, compromising confidentiality, integrity and availability of the system. Successful exploitation requires a network connection to the affected device. The attacker does not need privileges or special conditions of the system, but user interaction is required.
Affected products
2- Range: <5.3.4.4, <6.0.1
- Siemens AG/Automation License Manager 5, Automation License Manager 6v5Range: Automation License Manager 5 : All versions < 5.3.4.4
Patches
Vulnerability mechanics
References
2- www.securityfocus.com/bid/105114nvdThird Party AdvisoryVDB Entry
- cert-portal.siemens.com/productcert/pdf/ssa-920962.pdfnvdVendor Advisory
News mentions
0No linked articles in our index yet.