SSH Access Vulnerability in Siemens CP-8031 and CP-8050 Master Modules
CVE-2023-36380

9.8CRITICAL

Key Information:

Vendor: Siemens
Status: Cp-8031 Master Module; Cp-8050 Master Module
Vendor: CVE Published:; 10 October 2023

Summary

A vulnerability has been discovered in the CP-8031 and CP-8050 Master Modules from Siemens. The issue stems from a hard-coded ID present in the SSH 'authorized_keys' configuration file. This flaw allows an attacker, possessing the corresponding private key, to gain unauthorized SSH access to the affected devices, provided that debug support is activated. It is crucial for users of these modules to review their configurations and ensure that debug support is disabled to mitigate the risk of exploitation.

Affected Version(s)

CP-8031 MASTER MODULE All versions < CPCI85 V05.11 (only with activated debug support)

CP-8050 MASTER MODULE All versions < CPCI85 V05.11 (only with activated debug support)

References

https://cert-portal.siemens.com/productcert/pdf/ssa-13465...

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Oct 10, 2023
Vulnerability Reserved
Jun 21, 2023