What the vulnerability does

01Description

A vulnerability has been identified in SIPORT MP (All versions < 3.1.4). Vulnerable versions of the device allow the creation of special accounts ("service users") with administrative privileges that could enable a remote authenticated attacker to perform actions that are not visible to other users of the system, such as granting persons access to a secured area.

Key dates

02Disclosure timeline

March 10, 2020 CVE published
August 5, 2024 Record updated