virus logo Intrusion Prevention

Siemens.ALM.almaxcx.dll.ActiveX.Arbitrary.File.Overwrite

description-logoDescription

This indicates an attack attempt to exploit an Arbitrary File Overwrite vulnerability in Siemens Automation License Manager.
The vulnerability, which is located in the "almaxcx.dll" ActiveX control, can be exploited through misuse of a vulnerable method. As a result, a remote attacker will be able to overwrite an arbitrary file within the security context of the user. It may also potentially lead to remote code execution.

affected-products-logoAffected Products

Siemens Automation License Manager 2.0 to 5.1+SP1+Upd2

Impact logoImpact

System Compromise: Remote attackers can overwrite arbitrary file on the system.

recomended-action-logoRecommended Actions

Apply the most recent upgrade or patch from the vendor.
http://support.automation.siemens.com/WW/llisapi.dll?func=cslib.csinfo&objId=57252401&nodeid0=17323948&load=content&lang=en&siteid=cseus&aktprim=0&objaction=csview&extranet=standard&viewreg=WW

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

References

http://www.us-cert.gov/control_systems/pdf/ICSA-11-361-01.pdf http://aluigi.altervista.org/adv/almsrvx_1-adv.txt
ID 30895
Created Feb 10, 2012
Updated Mar 04, 2022
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon
CVE ID CVE-2011-4532
Exploit Prediction Score 0.19%
Default Action drop
Active
Affected OS Windows
Affected App SCADA