Vulnerability Details : CVE-2011-4056
An unspecified ActiveX control in ActBar.ocx in Siemens Tecnomatix FactoryLink 6.6.1 (aka 6.6 SP1), 7.5.217 (aka 7.5 SP2), and 8.0.2.54 allows remote attackers to create or overwrite arbitrary files via the save method.
Exploit prediction scoring system (EPSS) score for CVE-2011-4056
Probability of exploitation activity in the next 30 days: 0.23%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 60 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2011-4056
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
|---|---|---|---|---|---|
|
5.8
|
MEDIUM | AV:N/AC:M/Au:N/C:P/I:P/A:N |
8.6
|
4.9
|
NIST |
References for CVE-2011-4056
-
http://www.usdata.com/sea/factorylink/en/p_nav5.asp
Patch;Vendor Advisory
-
http://www.us-cert.gov/control_systems/pdf/ICSA-11-343-01.pdf
404 - File Not Found | CISAUS Government Resource
Products affected by CVE-2011-4056
- cpe:2.3:a:siemens:tecnomatix_factorylink:6.6.1:*:*:*:*:*:*:*
- cpe:2.3:a:siemens:tecnomatix_factorylink:7.5.217:*:*:*:*:*:*:*
- cpe:2.3:a:siemens:tecnomatix_factorylink:8.0.2.54:*:*:*:*:*:*:*