
Severity
Medium
Analysis Summary
CVE-2020-7591
The affected product has an authentication bypass, which could make it vulnerable to an attacker impersonating a system user. Successful exploitation of this vulnerability could allow an authenticated attacker to impersonate other users of the system and perform (potentially administrative) actions on behalf of those users if the single sign-on feature (“Allow logon without password”) is enabled.
Impact
Use of client-side authentication
Affected Vendors
Siemens
Affected Products
SIPORT MP: Versions 3.2.1 and prior
Remediation
Siemens has released an updated version (v3.2.1).