CVE-2021-33716

2021-09-1410:47:34

CWE-312

siemens

www.cve.org

6.3 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

26.0%

JSON

A vulnerability has been identified in SIMATIC CP 1543-1 (incl. SIPLUS variants) (All versions < V3.0), SIMATIC CP 1545-1 (All versions < V1.1). An attacker with access to the subnet of the affected device could retrieve sensitive information stored in cleartext.

CNA Affected

[
  {
    "product": "SIMATIC CP 1543-1 (incl. SIPLUS variants)",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V3.0"
      }
    ]
  },
  {
    "product": "SIMATIC CP 1545-1",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V1.1"
      }
    ]
  }
]

References

cert-portal.siemens.com/productcert/pdf/ssa-535997.pdf