CVE-2011-4531

Siemens Automation License Manager < 5.1 - DoS via Crafted Commands

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2011-4531.

AI-analyzed exploit summary This is a detailed technical writeup by Luigi Auriemma describing multiple vulnerabilities in Siemens Automation License Manager, including a buffer overflow leading to code execution, service exceptions, NULL pointer dereference, and file overwriting via an ActiveX component. The writeup includes analysis of affected functions, memory corruption mechanics, and exploitation vectors.

Description

Siemens Automation License Manager (ALM) 4.0 through 5.1+SP1+Upd1 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via crafted content in a (1) get_target_ocx_param or (2) send_target_ocx_param command.

Exploits (1)

exploitdb WRITEUP
doswindows
https://www.exploit-db.com/exploits/18165

This is a detailed technical writeup by Luigi Auriemma describing multiple vulnerabilities in Siemens Automation License Manager, including a buffer overflow leading to code execution, service exceptions, NULL pointer dereference, and file overwriting via an ActiveX component. The writeup includes analysis of affected functions, memory corruption mechanics, and exploitation vectors.

Classification
Writeup 90%
Attack Type
Rce | Dos
Complexity
Moderate
Reliability
Theoretical
Target: Siemens Automation License Manager <= 500.0.122.1
No auth needed
Prerequisites: Network access to the Siemens Automation License Manager service
devstral-2 · analyzed Feb 19, 2026 Full analysis →

References (4)

Core 4

Scores

EPSS 0.0888
EPSS Percentile 94.5%

Details

CWE
CWE-20
Status published
Products (1)
siemens/automation_license_manager < 5.1
Published Jan 08, 2012
Tracked Since Feb 18, 2026