CVE-2020-25240 - AskarLabs CVE Database

CVE-2020-25240

Vendor Siemens

Product SINEMA Remote Connect Server

Weakness CWE-863 · Incorrect authorization

Published March 15, 2021

Last update August 4, 2024

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.0). Unpriviledged users can access services when guessing the url. An attacker could impact availability, integrity and gain information from logs and templates of the service.

Key dates

02Disclosure timeline

March 15, 2021 CVE published

August 4, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2020-25240 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/863.html

Related vulnerabilities

04Related CVE

CVE-2026-24428 Tenda W30E V2 Incorrect Authorization Allows Administrator Password Change CVE-2023-46244 Privilege escalation in Xwiki platform CVE-2020-36948 VestaCP 0.9.8-26 - 'LoginAs' Insufficient Session Validation CVE-2025-8068 HT Mega – Absolute Addons For Elementor <= 2.9.1 - Improper Authorization to Authenticated (Contributor+) Limited Administrator Actions CVE-2025-30155 Tuleap does not enforce read permissions on parent trackers in the REST API