CVE-2020-25239

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.0). The webserver could allow unauthorized actions via special urls for unpriviledged users. The settings of the UMC authorization server could be changed to add a rogue server by an attacker authenticating with unprivilege user rights. Date published : 2021-03-15 https://cert-portal.siemens.com/productcert/pdf/ssa-731317.pdf