A vulnerability has been identified in SIMATIC CN 4100 (All versions < V2.5). Affected device consists of improper access controls in the configuration files that leads to privilege escalation. An attacker could gain admin access with this vulnerability leading to complete device control.
References
Link | Resource |
---|---|
https://cert-portal.siemens.com/productcert/pdf/ssa-313488.pdf | Patch Vendor Advisory |
https://cert-portal.siemens.com/productcert/pdf/ssa-313488.pdf | Patch Vendor Advisory |
Configurations
History
21 Nov 2024, 07:56
Type | Values Removed | Values Added |
---|---|---|
References | () https://cert-portal.siemens.com/productcert/pdf/ssa-313488.pdf - Patch, Vendor Advisory | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 9.9 |
18 Jul 2023, 15:53
Type | Values Removed | Values Added |
---|---|---|
CWE | NVD-CWE-noinfo | |
CPE | cpe:2.3:a:siemens:simatic_cn_4100:*:*:*:*:*:*:*:* | |
References | (MISC) https://cert-portal.siemens.com/productcert/pdf/ssa-313488.pdf - Patch, Vendor Advisory | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 10.0 |
11 Jul 2023, 10:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-07-11 10:15
Updated : 2024-11-21 07:56
NVD link : CVE-2023-29130
Mitre link : CVE-2023-29130
CVE.ORG link : CVE-2023-29130
JSON object : View
Products Affected
siemens
- simatic_cn_4100
CWE