CVE-2011-4532

Siemens Automation License Manager < 5.1 - Unauthenticated Arbitrary File Write

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2011-4532. PoCs published by Luigi Auriemma.

AI-analyzed exploit summary This is a detailed technical writeup by Luigi Auriemma describing multiple vulnerabilities in Siemens Automation License Manager, including a buffer overflow leading to RCE, service exceptions, NULL pointer dereference, and file overwriting via an ActiveX component. The writeup includes analysis of affected functions, memory corruption mechanics, and exploitation vectors.

Description

Absolute path traversal vulnerability in the ALMListView.ALMListCtrl ActiveX control in almaxcx.dll in the graphical user interface in Siemens Automation License Manager (ALM) 2.0 through 5.1+SP1+Upd2 allows remote attackers to overwrite arbitrary files via the Save method.

Exploits (1)

exploitdb WRITEUP VERIFIED
by Luigi Auriemma · textdoswindows
https://www.exploit-db.com/exploits/18165

This is a detailed technical writeup by Luigi Auriemma describing multiple vulnerabilities in Siemens Automation License Manager, including a buffer overflow leading to RCE, service exceptions, NULL pointer dereference, and file overwriting via an ActiveX component. The writeup includes analysis of affected functions, memory corruption mechanics, and exploitation vectors.

Classification
Writeup 100%
Attack Type
Rce | Dos | Other
Complexity
Moderate
Reliability
Theoretical
Target: Siemens Automation License Manager <= 500.0.122.1
No auth needed
Prerequisites: Network access to the Siemens Automation License Manager service
devstral-2 · analyzed Feb 18, 2026 Full analysis →

References (4)

Core 4

Scores

EPSS 0.0358
EPSS Percentile 87.9%

Details

CWE
CWE-22
Status published
Products (1)
siemens/automation_license_manager < 5.1
Published Jan 08, 2012
Tracked Since Feb 18, 2026