Remote Access Vulnerability in SENTRON 7KT PAC1260 Data Manager by Siemens
CVE-2024-41794

10CRITICAL

Key Information:

Vendor: Siemens
Status: Sentron 7kt Pac1260 Data Manager
Vendor: CVE Published:; 8 April 2025

Summary

A security issue has been detected in the SENTRON 7KT PAC1260 Data Manager, which could enable unauthorized remote access due to hardcoded credentials. If the SSH service is enabled, attackers with knowledge of these credentials can gain root-level access to the device operating system. This poses significant risks, particularly if combined with other security weaknesses.

Affected Version(s)

SENTRON 7KT PAC1260 Data Manager 0

References

https://cert-portal.siemens.com/productcert/html/ssa-1876...

CVSS V4

Score:

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Timeline

Vulnerability published
Apr 8, 2025
Vulnerability Reserved
Jul 22, 2024