Siemens.ALM.almaxcx.dll.ActiveX.Arbitrary.File.Overwrite
Description
This indicates an attack attempt to exploit an Arbitrary File Overwrite vulnerability in Siemens Automation License Manager.
The vulnerability, which is located in the "almaxcx.dll" ActiveX control, can be exploited through misuse of a vulnerable method. As a result, a remote attacker will be able to overwrite an arbitrary file within the security context of the user. It may also potentially lead to remote code execution.
Affected Products
Siemens Automation License Manager 2.0 to 5.1+SP1+Upd2
Impact
System Compromise: Remote attackers can overwrite arbitrary file on the system.
Recommended Actions
Apply the most recent upgrade or patch from the vendor.
http://support.automation.siemens.com/WW/llisapi.dll?func=cslib.csinfo&objId=57252401&nodeid0=17323948&load=content&lang=en&siteid=cseus&aktprim=0&objaction=csview&extranet=standard&viewreg=WW
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |