{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-17T16:32:03.028","vulnerabilities":[{"cve":{"id":"CVE-2020-15797","sourceIdentifier":"productcert@siemens.com","published":"2020-10-13T16:15:21.280","lastModified":"2024-11-21T05:06:12.010","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability has been identified in DCA Vantage Analyzer (All versions < V4.5 are affected by CVE-2020-7590. In addition, serial numbers < 40000 running software V4.4.0 are also affected by CVE-2020-15797). Improper Access Control could allow an unauthenticated attacker to escape from the restricted environment (“kiosk mode”) and access the underlying operating system. Successful exploitation requires direct physical access to the system."},{"lang":"es","value":"Se ha identificado una vulnerabilidad en DCA Vantage Analyzer (todas las versiones anteriores a V4.5 están afectadas por CVE-2020-7590. Además, los números de serial anteriores a 40000 que ejecutan el software versión V4.4.0 también están afectados por CVE-2020-15797).&#xa0;Un Control de Acceso Inapropiado podría permitir a un atacante no autenticado escapar del entorno restringido (“kiosk mode”) y acceder al sistema operativo subyacente.&#xa0;Una explotación con éxito requiere acceso físico directo al sistema"}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":6.8,"baseSeverity":"MEDIUM","attackVector":"PHYSICAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":0.9,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:C/I:C/A:C","baseScore":7.2,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":3.9,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"productcert@siemens.com","type":"Secondary","description":[{"lang":"en","value":"CWE-269"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:siemens:dca_vantage_analyzer_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"4.5.0.0","matchCriteriaId":"2B4F34A3-AB7B-4528-9F27-3073E25A5176"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:siemens:dca_vantage_analyzer:-:*:*:*:*:*:*:*","matchCriteriaId":"EDE5221F-8629-4DC4-AD8A-93EED671469B"}]}]}],"references":[{"url":"https://www.siemens-healthineers.com/support-documentation/security-advisory","source":"productcert@siemens.com","tags":["Vendor Advisory"]},{"url":"https://www.siemens-healthineers.com/support-documentation/security-advisory","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}