A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). The affected application contains a file upload server that is vulnerable to command injection. An attacker could use this to achieve arbitrary code execution.
https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf
https://cert-portal.siemens.com/productcert/html/ssa-484086.html