SSA-084182 V1.0: Privilege Escalation Vulnerability in Mendix Runtime
Siemens ProductCERT Security Advisories cert-portal.siemens.com
Mendix Runtime contains a capture-replay flaw that could affect apps built with the platform if certain preconditions are met; these preconditions depend on the app's model and access control design. This could allow authenticated attackers to access or modify objects without proper authorization, or to escalate privileges in the context of the vulnerable app.
Siemens has released updates for the affected products and recommends updating to the latest versions.