Unrated severityNVD Advisory· Published Aug 14, 2020· Updated Aug 4, 2024

CVE-2020-10055

Description

A vulnerability has been identified in Desigo CC (V4.x), Desigo CC (V3.x), Desigo CC Compact (V4.x), Desigo CC Compact (V3.x). Affected applications are delivered with a 3rd party component (BIRT) that contains a remote code execution vulnerability if the Advanced Reporting Engine is enabled. The vulnerability could allow a remote unauthenticated attacker to execute arbitrary commands on the server with SYSTEM privileges.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

Siemens Foundation/Desigo CC Compactllm-create
Range: V4.x, V3.x
Siemens Foundation/Desigo CCllm-fuzzy
Range: V4.x, V3.x
Siemens AG/Desigo CCv5
Range: V3.x
Siemens AG/Desigo CC Compactv5
Range: V3.x

Patches

Vulnerability mechanics

References

cert-portal.siemens.com/productcert/pdf/ssa-786743.pdfmitrex_refsource_MISC
us-cert.cisa.gov/ics/advisories/icsa-20-224-06mitrex_refsource_MISC

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.005
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000