A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1). The affected applications can be configured to allow users to manage own users. A local authenticated user with this privilege could use this modify users outside of their own scope as well as to escalate privileges.
Metrics
Affected Vendors & Products
Advisories
| Source | ID | Title |
|---|---|---|
EUVD |
EUVD-2024-38275 | A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1). The affected applications can be configured to allow users to manage own users. A local authenticated user with this privilege could use this modify users outside of their own scope as well as to escalate privileges. |
Fixes
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
References
History
Wed, 27 Aug 2025 21:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Mon, 09 Sep 2024 15:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Siemens
Siemens sinema Remote Connect Server |
|
| Weaknesses | NVD-CWE-noinfo | |
| CPEs | cpe:2.3:a:siemens:sinema_remote_connect_server:*:*:*:*:*:*:*:* cpe:2.3:a:siemens:sinema_remote_connect_server:3.2:-:*:*:*:*:*:* cpe:2.3:a:siemens:sinema_remote_connect_server:3.2:hf1:*:*:*:*:*:* |
|
| Vendors & Products |
Siemens
Siemens sinema Remote Connect Server |
Status: PUBLISHED
Assigner: siemens
Published:
Updated: 2025-08-27T20:42:56.927Z
Reserved: 2024-07-01T13:05:40.288Z
Link: CVE-2024-39870
Updated: 2024-08-02T04:33:10.884Z
Status : Modified
Published: 2024-07-09T12:15:18.603
Modified: 2024-11-21T09:28:27.860
Link: CVE-2024-39870
No data.
OpenCVE Enrichment
No data.
EUVD