Siemens Siveillance Video Management Servers
Summary
A vulnerability in Siemens Siveillance Video Management Servers allows an authenticated remote attacker with read-only privileges to gain full access to the Webhooks API. Siemens has released new versions to address this issue and recommends updating to the latest versions.
IFF Assessment
FOE
A vulnerability exists that could allow attackers to gain unauthorized access.
Severity
6.3
Medium
Defender Context
This vulnerability is a privilege escalation: an authenticated attacker with read-only privileges can gain full access to the Webhooks API. Defenders should promptly update to the new versions Siemens has released and audit role security settings to mitigate the risk. Keep an eye on similar systems with webhooks, as they are an emerging attack surface.