CVE-2021-27389

2021-04-2220:42:21

CWE-321

siemens

www.cve.org

9.5 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

54.3%

JSON

A vulnerability has been identified in Opcenter Quality (All versions < V12.2), QMS Automotive (All versions < V12.30). A private sign key is shipped with the product without adequate protection.

CNA Affected

[
  {
    "product": "Opcenter Quality",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V12.2"
      }
    ]
  },
  {
    "product": "QMS Automotive",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V12.30"
      }
    ]
  }
]

References

cert-portal.siemens.com/productcert/pdf/ssa-788287.pdf