Unauthorized Access to Filesystem via Authentication Bypass

CVE-2024-50310

7.5HIGH

Key Information

Vendor
Siemens
Status
Simatic Cp 1543-1 V4.0
Vendor
CVE Published:
12 November 2024

Summary

A vulnerability has been identified in SIMATIC CP 1543-1 V4.0 (6GK7543-1AX10-0XE0) (All versions >= V4.0.44 < V4.0.50). Affected devices do not properly handle authorization. This could allow an unauthenticated remote attacker to gain access to the filesystem.

Affected Version(s)

SIMATIC CP 1543-1 V4.0 < V4.0.44

Refferences

CVSS V3.1

Score:
7.5
Severity:
HIGH
Confidentiality:
High
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Collectors

NVD DatabaseMitre Database
.