A vulnerability has been identified in SICAM TOOLBOX II (All versions < V07.11). During establishment of a https connection to the TLS server of a managed device, the affected application doesn't check device's certificate common name against an expected value. This could allow an attacker to execute an on-path network (MitM) attack.
2025-07-08T11:15:24.180
2025-08-20T16:17:45.790
Analyzed
CVSSv3.1: 8.1 (HIGH)
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | siemens | sicam_toolbox_ii | < 07.11 | Yes |