CVE-2024-41798
Published 2024-10-08
Priority P2 · 60 · critical · 9.8 CVSS 3.1
AV:N / AC:L / PR:N / UI:N / S:U / C:H / I:H / A:H
EPSS 0.53% (40.6th percentile)
A vulnerability has been identified in SENTRON 7KM PAC3200 (All versions). Affected devices only provide a 4-digit PIN to protect from administrative access via Modbus TCP interface. Attackers with access to the Modbus TCP interface could easily bypass this protection by brute-force attacks or by sniffing the Modbus clear text communication.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| siemens | sentron_7km_pac3200 | < * | * |
Detection & IOCs (extracted from sources)
- Monitor Modbus TCP traffic for rapid sequential PIN attempts against SENTRON 7KM PAC3200 devices, which may indicate a brute-force attack against the 4-digit PIN (only 10,000 possible combinations)
- Inspect Modbus TCP clear-text traffic for administrative PIN values being transmitted in plaintext, enabling credential sniffing detection via network monitoring/IDS on Modbus TCP port 502
- Alert on any external/internet-routable source IP initiating Modbus TCP sessions to SENTRON 7KM PAC3200 devices, as the device provides no fix and relies solely on network segmentation
- No fix is planned for any version of SENTRON 7KM PAC3200; the 4-digit PIN should not be treated as a security control against malicious access; only network-level controls are effective
- The PIN protection on the Modbus TCP interface is limited to 4 digits (10,000 combinations), making it trivially brute-forceable; do not rely on it as an authentication boundary
- Siemens explicitly states the PIN is intended only as protection against inadvertent operating errors, not against malicious brute-force attacks
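The monitoring items above can be prototyped as a small detector over per-request Modbus TCP records from a network sensor. This is an added example, not part of the advisory or any vendor tooling. It assumes PIN submissions reach the meter as Modbus write requests (function codes 0x06 and 0x10), since the page does not name the register involved; the subnet, addresses, thresholds and sample records are constructed.

```python
import ipaddress
from collections import defaultdict, deque

WRITE_FCS = {0x06, 0x10}  # Write Single Register / Write Multiple Registers
OT_SEGMENT = ipaddress.ip_network("10.0.5.0/24")  # assumed meter/engineering subnet
WINDOW_S = 10.0           # assumed sliding window in seconds, tune per site
MAX_WRITES = 5            # assumed ceiling for legitimate writes per window

# Constructed sample records: (epoch seconds, source IP, meter IP, function code)
SAMPLE = (
    [(float(t), "10.0.5.20", "10.0.5.100", 0x03) for t in range(0, 30, 5)]    # polling reads
    + [(12.0, "10.0.5.20", "10.0.5.100", 0x10)]                               # one config write
    + [(20.0 + i * 0.1, "10.0.5.77", "10.0.5.100", 0x10) for i in range(40)]  # write burst
    + [(25.0, "203.0.113.9", "10.0.5.100", 0x03)]                             # off-segment source
)

def detect(events, window=WINDOW_S, max_writes=MAX_WRITES):
    """Return {source_ip: set of findings} for Modbus TCP requests to the meters."""
    findings = defaultdict(set)
    recent = defaultdict(deque)  # (src, dst) -> timestamps of recent write requests
    for ts, src, dst, fc in sorted(events):
        # Segmentation is the only effective control, so any source outside
        # the allowed segment is reported regardless of what it sends.
        if ipaddress.ip_address(src) not in OT_SEGMENT:
            findings[src].add("outside-ot-segment")
        if fc not in WRITE_FCS:
            continue
        q = recent[(src, dst)]
        q.append(ts)
        while q and ts - q[0] > window:  # drop writes older than the window
            q.popleft()
        if len(q) > max_writes:          # more writes than an operator would issue
            findings[src].add("write-burst")
    return dict(findings)

if __name__ == "__main__":
    for src, tags in sorted(detect(SAMPLE).items()):
        print(src, sorted(tags))
```

With only 10,000 possible PIN values, the write-rate threshold should sit close to normal operator behaviour; a slow guesser stays under any rate limit, which is why the segment check runs independently of it.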
CVSS provenance
nvd · v3.1 · 9.8 CRITICAL · CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd · v4.0 · 9.3 CRITICAL · CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
CISA ICS
Siemens SENTRON PAC3200 Devices
cisa_ics·2024-10-10·CVSS 9.3
[CRITICAL] Siemens SENTRON PAC3200 Devices
ICS Advisory
## Siemens SENTRON PAC3200 Devices
Release Date: October 10, 2024
Alert Code: ICSA-24-284-04
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global).
## 1. EXECUTIVE SUMMARY
- CVSS v4 9.3
- ATTENTION: Exploitable remotely/low attack complexity
- Vendor: Siemens
- Equipment: SENTRON 7KM PAC3200
- Vulnerability: Improper Authentication
## 2. RISK EVALUATION
Successful exploitation of this vulnerabi
GHSA
GHSA-rcxw-v8q3-f2f8: A vulnerability has been identified in SENTRON 7KM PAC3200 (All versions)
ghsa_unreviewed·2024-10-08
CVE-2024-41798 [CRITICAL] CWE-287 GHSA-rcxw-v8q3-f2f8: A vulnerability has been identified in SENTRON 7KM PAC3200 (All versions)
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
Published: 2024-10-08