CVE-2023-33921

🗓️ 13 Jun 2023 08:17:20Reported by siemensType

A vulnerability in CP-8031 & CP-8050 MASTER MODULE could allow unauthorized logi

Reporter	Title	Published	Views	Family All 13
BDU FSTEC	The vulnerability of the web server of the microprogramming software for the processor module control units of Siemens SICAM CP-8031 and CP-8050 allows a hacker to elevate their privileges to the root level.	4 Jul 202300:00	–	bdu_fstec
CNNVD	Siemens CP-8031 安全漏洞	13 Jun 202300:00	–	cnnvd
CNVD	Unspecified Vulnerability in Siemens SICAM A8000 Devices CPCI85 Firmware	14 Jun 202300:00	–	cnvd
Cvelist	CVE-2023-33921	13 Jun 202308:17	–	cvelist
EUVD	EUVD-2023-38071	3 Oct 202520:07	–	euvd
ICS	Siemens SICAM A8000 Devices	13 Jun 202300:00	–	ics
NCSC	Vulnerabilities fixed in Siemens products	13 Jun 202300:00	–	ncsc
NVD	CVE-2023-33921	13 Jun 202309:15	–	nvd
Packet Storm	Siemens A8000 CP-8050 / CP-8031 Code Execution / Command Injection	11 Jul 202300:00	–	packetstorm
Prion	Default credentials	13 Jun 202309:15	–	prion

NVD

Node

siemens cpci85_firmwareRange<v05

AND

siemens cp-8050_master_moduleMatch-

Node

siemens cpci85_firmwareRange<v05

AND

siemens cp-8031_master_moduleMatch-

[
  {
    "vendor": "Siemens",
    "product": "CP-8031 MASTER MODULE",
    "versions": [
      {
        "version": "All versions < CPCI85 V05",
        "status": "affected"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "CP-8050 MASTER MODULE",
    "versions": [
      {
        "version": "All versions < CPCI85 V05",
        "status": "affected"
      }
    ],
    "defaultStatus": "unknown"
  }
]

Source	Link
cert-portal	www.cert-portal.siemens.com/productcert/pdf/ssa-731916.pdf
seclists	www.seclists.org/fulldisclosure/2023/Jul/14
packetstormsecurity	www.packetstormsecurity.com/files/173370/Siemens-A8000-CP-8050-CP-8031-Code-Execution-Command-Injection.html

21 Nov 2024 08:06Current

6.7Medium risk

Vulners AI Score6.7

CVSS 3.16.8

EPSS0.0017

SSVC

CWE-749