CVE-2021-45460

HIGH

Siemens Sicam PQ Analyzer Firmware < 3.18 - Denial of Service

Title source: rule

Description

A vulnerability has been identified in SICAM PQ Analyzer (All versions < V3.18). A service is started by an unquoted registry entry. As there are spaces in this path, attackers with write privilege to those directories might be able to plant executables that will run in place of the legitimate process. Attackers might achieve persistence on the system ("backdoors") or cause a denial of service.

References (1)

[Patch, Vendor Advisory] https://cert-portal.siemens.com/productcert/pdf/ssa-173318.pdf

Scores

CVSS v3 8.1

EPSS 0.0044

EPSS Percentile 63.1%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

Details

CWE

CWE-428

Status published

Products (1)

siemens/sicam_pq_analyzer_firmware < 3.18

Published Jan 11, 2022

Tracked Since Feb 18, 2026