CVE-2016-3155

low

Published 2016-03-18 · Modified 2026-05-06

CVSS v3

3.4

CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N

CVSS v2

3.6

VIR risk

3.4

Description

Siemens APOGEE Insight uses weak permissions for the application folder, which allows local users to obtain sensitive information or modify data via unspecified vectors.

Predictions

Exploit likelihood

35%

Patch ETA

—

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: cve@mitre.org — http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-151221.pdf

References

http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-151221.pdf
https://ics-cert.us-cert.gov/advisories/ICSA-16-082-01
http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-151221.pdf
https://ics-cert.us-cert.gov/advisories/ICSA-16-082-01

CWEs

CWE-200

Verify integrity in audit chain (admin only). AS-IS.