Lucene search
HistoryJul 11, 2023 - 10:15 a.m.
CVE-2023-29131
vulnerability
simatic cn 4100
ssh
configuration
network isolation bypass
CVSS3
10
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
AI Score
8.4
Confidence
High
EPSS
0.003
Percentile
65.7%
A vulnerability has been identified in SIMATIC CN 4100 (All versions < V2.5). Affected device consists of an incorrect default value in the SSH configuration. This could allow an attacker to bypass network isolation.
Affected configurations
Node
siemenssimatic_cn_4100Range<2.5
| Vendor | Product | Version | CPE |
|---|---|---|---|
| siemens | simatic_cn_4100 | * | cpe:2.3:a:siemens:simatic_cn_4100:*:*:*:*:*:*:*:* |
Related
cve
cve
CVE-2023-29131
2023-07-11 10:15:10
cvelist
cvelist
CVE-2023-29131
2023-07-11 09:07:07
prion
prion
Design/Logic Flaw
2023-07-11 10:15:00
ics
ics
Siemens SIMATIC CN 4100
2023-07-13 12:00:00
Siemens SIMATIC CN 4100
2023-07-13 12:00:00
CVSS3
10
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
AI Score
8.4
Confidence
High
EPSS
0.003
Percentile
65.7%
Related for NVD:CVE-2023-29131