Rewterz Threat Advisory – ICS: Siemens Mendix Email Connector Vulnerability

Severity

High

Analysis Summary

CVE-2022-45936

Siemens Mendix Email Connector could allow a remote authenticated attacker to obtain sensitive information, caused by improper access control. An attacker could exploit this vulnerability to obtain sensitive information and use this information to launch further attacks against the affected system.

Impact

Information Disclosure

Indicators Of Compromise

CVE

• CVE-2022-45936

Affected Vendors

Siemens

Affected Products

• Siemens Mendix Email Connector 1.9.8
• Siemens Mendix Email Connector 1.9.9

Remediation

Refer to Siemens Security Advisory for patch, upgrade or suggested workaround information. 

Siemens Security Advisory