all InfoSec news
SSA-761617 V1.2 (Last Update: 2024-01-09): Authentication Bypass and Information Disclosure Vulnerabilities in SiNVR/SiVMS Video Server
Siemens ProductCERT Security Advisories cert-portal.siemens.com
The Video Server application in SiNVR/SiVMS solutions contains two vulnerabilities involving authentication bypass (CVE-2019-18339) and information disclosure (CVE-2019-18340).
PKE has released an update of the application that fixes CVE-2019-18339. This update is not available under the former Siemens OEM brand name SiNVR. For details contact PKE (https://pke.at/).
Siemens recommends specific countermeasures to mitigate the vulnerabilities.
application authentication authentication bypass bypass countermeasures cve disclosure information information disclosure server siemens solutions ssa update video vulnerabilities