cbcvebase.
CVE-2023-36380
published 2023-10-10

CVE-2023-36380: A vulnerability has been identified in CP-8031 MASTER MODULE (All versions < CPCI85 V05.11 (only with activated debug support)), CP-8050 MASTER MODULE (All…

PriorityP343high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
EPSS
0.36%
28.2th percentile
A vulnerability has been identified in CP-8031 MASTER MODULE (All versions < CPCI85 V05.11 (only with activated debug support)), CP-8050 MASTER MODULE (All versions < CPCI85 V05.11 (only with activated debug support)). The affected devices contain a hard-coded ID in the SSH `authorized_keys` configuration file. An attacker with knowledge of the corresponding private key could login to the device via SSH. Only devices with activated debug support are affected.

Affected

4 ranges
VendorProductVersion rangeFixed in
siemenscp-8031_firmware< 05.1105.11
siemenscp-8031_master_module
siemenscp-8050_firmware< 05.1105.11
siemenscp-8050_master_module
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.