all InfoSec news
SSA-658793 V1.0: Command Injection Vulnerability in SiPass integrated AC5102 / ACC-G2 and ACC-AP
Siemens ProductCERT Security Advisories cert-portal.siemens.com
SiPass integrated ACC (Advanced Central Controller) devices improperly sanitize user input on the telnet command line interface. This could allow an authenticated user to escalate privileges by injecting arbitrary commands that are executed with root privileges.
Siemens has released updates for the affected products and recommends to update to the latest versions.
advanced command command injection command line devices injection input interface latest privileges products root siemens ssa telnet update updates vulnerability