The Siemens SPCanywhere application for Android and iOS does not use encryption during lookups of system ID to IP address mappings, which allows man-in-the-middle attackers to discover alarm IP addresses and spoof servers by intercepting the client-server data stream.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2015-03-07T02:00:00
Updated: 2024-08-06T04:47:17.319Z
Reserved: 2015-02-13T00:00:00
Link: CVE-2015-1595
Vulnrichment
No data.
NVD
Status : Modified
Published: 2015-03-07T02:59:04.943
Modified: 2024-11-21T02:25:44.343
Link: CVE-2015-1595
Redhat
No data.