CVE-2023-49251

A vulnerability has been identified in SIMATIC CN 4100 (All versions < V2.7). The "intermediate installation" system state of the affected application allows an attacker to add their own login credentials to the device. This allows an attacker to remotely login as root and take control of the device even after the affected device is fully set up.
Configurations

Configuration 1 (hide)

cpe:2.3:a:siemens:simatic_cn_4100:*:*:*:*:*:*:*:*

History

21 Nov 2024, 08:33

Type Values Removed Values Added
New CVE

Information

Published : 2024-01-09 10:15

Updated : 2024-11-21 08:33


NVD link : CVE-2023-49251

Mitre link : CVE-2023-49251

CVE.ORG link : CVE-2023-49251


JSON object : View

Products Affected

siemens

  • simatic_cn_4100
CWE
CWE-639

Authorization Bypass Through User-Controlled Key