SICAM TOOLBOX II
CVEs (5)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-31854 | 0.00 | — | 0.00 | Jul 8, 2025 | A vulnerability has been identified in SICAM TOOLBOX II (All versions < V07.11). During establishment of a https connection to the TLS server of a managed device, the affected application doesn't check device's certificate common name against an expected value. This could allow… | |||
| CVE-2024-31853 | 0.00 | — | 0.00 | Jul 8, 2025 | A vulnerability has been identified in SICAM TOOLBOX II (All versions < V07.11). During establishment of a https connection to the TLS server of a managed device, the affected application doesn't check the extended key usage attribute of that device's certificate. This could… | |||
| CVE-2023-38641 | 0.00 | — | 0.00 | Aug 8, 2023 | A vulnerability has been identified in SICAM TOOLBOX II (All versions < V07.10). The affected application's database service is executed as `NT AUTHORITY\SYSTEM`. This could allow a local attacker to execute operating system commands with elevated privileges. | |||
| CVE-2022-39062 | 0.00 | — | 0.00 | Aug 8, 2023 | A vulnerability has been identified in SICAM TOOLBOX II (All versions < V07.10). Affected applications do not properly set permissions for product folders. This could allow an authenticated attacker with low privileges to replace DLLs and conduct a privilege escalation. | |||
| CVE-2021-45106 | 0.00 | — | 0.01 | Feb 9, 2022 | A vulnerability has been identified in SICAM TOOLBOX II (All versions). Affected applications use a circumventable access control within a database service. This could allow an attacker to access the database. |
- CVE-2024-31854Jul 8, 2025risk 0.00cvss —epss 0.00
A vulnerability has been identified in SICAM TOOLBOX II (All versions < V07.11). During establishment of a https connection to the TLS server of a managed device, the affected application doesn't check device's certificate common name against an expected value. This could allow…
- CVE-2024-31853Jul 8, 2025risk 0.00cvss —epss 0.00
A vulnerability has been identified in SICAM TOOLBOX II (All versions < V07.11). During establishment of a https connection to the TLS server of a managed device, the affected application doesn't check the extended key usage attribute of that device's certificate. This could…
- CVE-2023-38641Aug 8, 2023risk 0.00cvss —epss 0.00
A vulnerability has been identified in SICAM TOOLBOX II (All versions < V07.10). The affected application's database service is executed as `NT AUTHORITY\SYSTEM`. This could allow a local attacker to execute operating system commands with elevated privileges.
- CVE-2022-39062Aug 8, 2023risk 0.00cvss —epss 0.00
A vulnerability has been identified in SICAM TOOLBOX II (All versions < V07.10). Affected applications do not properly set permissions for product folders. This could allow an authenticated attacker with low privileges to replace DLLs and conduct a privilege escalation.
- CVE-2021-45106Feb 9, 2022risk 0.00cvss —epss 0.01
A vulnerability has been identified in SICAM TOOLBOX II (All versions). Affected applications use a circumventable access control within a database service. This could allow an attacker to access the database.