| CVE-2015-1599 | | 0.00 | — | 0.00 | | Mar 7, 2015 | The Siemens SPCanywhere application for iOS allows physically proximate attackers to bypass intended access restrictions by leveraging a filesystem architectural error. |
| CVE-2015-1598 | | 0.00 | — | 0.00 | | Mar 7, 2015 | The Siemens SPCanywhere application for Android does not properly store application passwords, which allows physically proximate attackers to obtain sensitive information by examining the device filesystem. |
| CVE-2015-1597 | | 0.00 | — | 0.00 | | Mar 7, 2015 | The Siemens SPCanywhere application for Android does not use encryption during the loading of code, which allows man-in-the-middle attackers to execute arbitrary code by modifying the client-server data stream. |
| CVE-2015-1596 | | 0.00 | — | 0.00 | | Mar 7, 2015 | The Siemens SPCanywhere application for Android and iOS does not properly verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. |
| CVE-2015-1595 | | 0.00 | — | 0.00 | | Mar 7, 2015 | The Siemens SPCanywhere application for Android and iOS does not use encryption during lookups of system ID to IP address mappings, which allows man-in-the-middle attackers to discover alarm IP addresses and spoof servers by intercepting the client-server data stream. |
