Spectrum Power 4 UI cmd exec <v4.70 SP12 U2
CVE-2024-32011 Published on November 11, 2025
A vulnerability has been identified in Spectrum Power 4 (All versions < V4.70 SP12 Update 2). The affected application is vulnerable to run arbitrary commands via the user interface. This user interface can be used via the network and allows the execution of commands as administrative application user.
Weakness Type
Inclusion of Functionality from Untrusted Control Sphere
The software imports, requires, or includes executable functionality (such as a library) from a source that is outside of the intended control sphere.
Products Associated with CVE-2024-32011
Want to know whenever a new CVE is published for Siemens Spectrum Power 4? stack.watch will email you.
Affected Versions
Siemens Spectrum Power 4:- Before V4.70 SP12 Update 2 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.