CVE-2023-29130

A vulnerability has been identified in SIMATIC CN 4100 (All versions < V2.5). Affected device consists of improper access controls in the configuration files that leads to privilege escalation. An attacker could gain admin access with this vulnerability leading to complete device control.
Configurations

Configuration 1 (hide)

cpe:2.3:a:siemens:simatic_cn_4100:*:*:*:*:*:*:*:*

History

21 Nov 2024, 07:56

Type Values Removed Values Added
References () https://cert-portal.siemens.com/productcert/pdf/ssa-313488.pdf - Patch, Vendor Advisory () https://cert-portal.siemens.com/productcert/pdf/ssa-313488.pdf - Patch, Vendor Advisory
CVSS v2 : unknown
v3 : 10.0
v2 : unknown
v3 : 9.9

18 Jul 2023, 15:53

Type Values Removed Values Added
CWE NVD-CWE-noinfo
CPE cpe:2.3:a:siemens:simatic_cn_4100:*:*:*:*:*:*:*:*
References (MISC) https://cert-portal.siemens.com/productcert/pdf/ssa-313488.pdf - (MISC) https://cert-portal.siemens.com/productcert/pdf/ssa-313488.pdf - Patch, Vendor Advisory
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 10.0

11 Jul 2023, 10:15

Type Values Removed Values Added
New CVE

Information

Published : 2023-07-11 10:15

Updated : 2024-11-21 07:56


NVD link : CVE-2023-29130

Mitre link : CVE-2023-29130

CVE.ORG link : CVE-2023-29130


JSON object : View

Products Affected

siemens

  • simatic_cn_4100
CWE
CWE-284

Improper Access Control

NVD-CWE-noinfo