Arbitrary File Overwrite Vulnerability in Siemens Automation License Manager (ALM)

Arbitrary File Overwrite Vulnerability in Siemens Automation License Manager (ALM)

CVE-2011-4532 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:P/A:N

Absolute path traversal vulnerability in the ALMListView.ALMListCtrl ActiveX control in almaxcx.dll in the graphical user interface in Siemens Automation License Manager (ALM) 2.0 through 5.1+SP1+Upd2 allows remote attackers to overwrite arbitrary files via the Save method.

Learn more about our User Device Pen Test.