CISA has published an advisory on an execution with unnecessary privileges vulnerability in Siemens License Management Utility. All versions prior to v2.4 are affected. Successful exploitation of this vulnerability could allow local users to escalate privileges. Siemens has released an updated version and recommends users install this update on all affected systems. Additionally, it has identified specific workarounds and mitigations users can apply to reduce risk. CISA also recommends a series of measures to mitigate the vulnerability. Read the advisory at CISA.
H2Oex: In Person 1 day event/exercise. Thurs Dec 5th. Washington DC. Join us!