CVE-2011-4056
UnknownEPSS 1.11%
Last modified
CVE-2011-4056 is a vulnerability of currently unknown severity. An unspecified ActiveX control in ActBar.ocx in Siemens Tecnomatix FactoryLink 6.6.1 (aka 6.6 SP1), 7.5.217 (aka 7.5 SP2), and 8.0.2.54 allows remote attackers to create or overwrite arbitrary files via the save method.. EPSS estimates a 1.11% chance of exploitation in the next 30 days.
Description
An unspecified ActiveX control in ActBar.ocx in Siemens Tecnomatix FactoryLink 6.6.1 (aka 6.6 SP1), 7.5.217 (aka 7.5 SP2), and 8.0.2.54 allows remote attackers to create or overwrite arbitrary files via the save method.
Metrics
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Siemens | Tecnomatix Factorylink | 6.6.1 |
| Siemens | Tecnomatix Factorylink | 7.5.217 |
| Siemens | Tecnomatix Factorylink | 8.0.2.54 |
References
- http://www.us-cert.gov/control_systems/pdf/ICSA-11-343-01.pdfUS Government Resource
- http://www.usdata.com/sea/factorylink/en/p_nav5.aspPatch, Vendor Advisory
- http://www.us-cert.gov/control_systems/pdf/ICSA-11-343-01.pdfUS Government Resource
- http://www.usdata.com/sea/factorylink/en/p_nav5.aspPatch, Vendor Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2011-4056?
An unspecified ActiveX control in ActBar.ocx in Siemens Tecnomatix FactoryLink 6.6.1 (aka 6.6 SP1), 7.5.217 (aka 7.5 SP2), and 8.0.2.54 allows remote attackers to create or overwrite arbitrary files via the save method.
How severe is CVE-2011-4056?
Severity scoring for CVE-2011-4056 is pending analysis. The EPSS model estimates a 1.11% probability of exploitation in the next 30 days.
How do I fix CVE-2011-4056?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.
Are you affected by CVE-2011-4056?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST