CVE-2024-41792 HIGH

CVE-2024-41792

Vendor Siemens
Product SENTRON 7KT PAC1260 Data Manager
Weakness CWE-22 · Path traversal
Published April 8, 2025
Last update April 8, 2025

CVSS base score

8.6/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction None
Confidentiality High
Integrity None

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N

What the vulnerability does

01Description

A vulnerability has been identified in SENTRON 7KT PAC1260 Data Manager (All versions). The web interface of affected devices contains a path traversal vulnerability. This could allow an unauthenticated attacker it to access arbitrary files on the device with root privileges.

Key dates

02Disclosure timeline

April 8, 2025 CVE published
April 8, 2025 Record updated