A vulnerability has been identified in CP-8031 MASTER MODULE (All versions < CPCI85 V05), CP-8050 MASTER MODULE (All versions < CPCI85 V05). The affected devices contain the hash of the root password in a hard-coded form, which could be exploited for UART console login to the device. An attacker with direct physical access could exploit this vulnerability.
References
Configurations
History
11 Jul 2023, 18:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
07 Jul 2023, 20:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
29 Jun 2023, 20:14
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:o:siemens:cpci85_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:siemens:cp-8031_master_module:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:cp-8050_master_module:-:*:*:*:*:*:*:* |
|
References | (MISC) https://cert-portal.siemens.com/productcert/pdf/ssa-731916.pdf - Patch, Vendor Advisory | |
CWE | CWE-798 | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.8 |
13 Jun 2023, 09:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-06-13 09:15
Updated : 2024-02-04 23:37
NVD link : CVE-2023-33920
Mitre link : CVE-2023-33920
CVE.ORG link : CVE-2023-33920
JSON object : View
Products Affected
siemens
- cp-8031_master_module
- cp-8050_master_module
- cpci85_firmware
CWE
CWE-798
Use of Hard-coded Credentials