CVE-2023-49621
published 2024-01-09CVE-2023-49621: A vulnerability has been identified in SIMATIC CN 4100 (All versions < V2.7). The "intermediate installation" system state of the affected application uses…
critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
A vulnerability has been identified in SIMATIC CN 4100 (All versions < V2.7). The "intermediate installation" system state of the affected application uses default credential with admin privileges. An attacker could use the credentials to gain complete control of the affected device.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| siemens | simatic_cn_4100 | — | — |
| siemens | simatic_cn_4100_firmware | < 2.7 | 2.7 |