Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2011-4531

CWE-20Improper Input Validation4 documents4 sources
Severity
5.0MEDIUM
EPSS
13.8%
top 5.73%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Siemens Automation License Manager
Timeline
PublishedJan 8
Latest updateMay 17

Description

Siemens Automation License Manager (ALM) 4.0 through 5.1+SP1+Upd1 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via crafted content in a (1) get_target_ocx_param or (2) send_target_ocx_param command.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-px66-m46c-vmhx: Siemens Automation License Manager (ALM) 42022-05-17
CVEList
CVE-2011-4531: Siemens Automation License Manager (ALM) 42012-01-08

💥Exploits & PoCs

1
Exploit-DB
siemens automation license manager 500.0.122.1 - Multiple Vulnerabilities2011-11-28
CVE-2011-4531 (MEDIUM CVSS 5) | Siemens Automation License Manager | cvebase.io