VYPR

SICAM TOOLBOX II

by Siemens Foundation

CVEs (5)

  • CVE-2024-31854Jul 8, 2025
    risk 0.00cvss epss 0.00

    A vulnerability has been identified in SICAM TOOLBOX II (All versions < V07.11). During establishment of a https connection to the TLS server of a managed device, the affected application doesn't check device's certificate common name against an expected value. This could allow…

  • CVE-2024-31853Jul 8, 2025
    risk 0.00cvss epss 0.00

    A vulnerability has been identified in SICAM TOOLBOX II (All versions < V07.11). During establishment of a https connection to the TLS server of a managed device, the affected application doesn't check the extended key usage attribute of that device's certificate. This could…

  • CVE-2023-38641Aug 8, 2023
    risk 0.00cvss epss 0.00

    A vulnerability has been identified in SICAM TOOLBOX II (All versions < V07.10). The affected application's database service is executed as `NT AUTHORITY\SYSTEM`. This could allow a local attacker to execute operating system commands with elevated privileges.

  • CVE-2022-39062Aug 8, 2023
    risk 0.00cvss epss 0.00

    A vulnerability has been identified in SICAM TOOLBOX II (All versions < V07.10). Affected applications do not properly set permissions for product folders. This could allow an authenticated attacker with low privileges to replace DLLs and conduct a privilege escalation.

  • CVE-2021-45106Feb 9, 2022
    risk 0.00cvss epss 0.01

    A vulnerability has been identified in SICAM TOOLBOX II (All versions). Affected applications use a circumventable access control within a database service. This could allow an attacker to access the database.