After reviewing some Siemens software, I found a couple of issues which related to Insecure Folder Permissions which I reported to their security team.

The Siemens team was very responsive and kept me informed throughout their review process.

The issues which I reported were remediated and Siemens released two CVE’s and bulletins for which I received credit.

CVE-2020-25245

https://cert-portal.siemens.com/productcert/pdf/ssa-536315.pdf

CVE-2020-28392

https://cert-portal.siemens.com/productcert/pdf/ssa-794542.pdf

Additionally, I made it into their Hall of Thanks for 2021

Leave a Reply

Your email address will not be published. Required fields are marked *