A vulnerability has been identified in SIMATIC CN 4100 (All versions < V2.5). Affected device consists of improper access controls in the configuration files that leads to privilege escalation. An attacker could gain admin access with this vulnerability leading to complete device control.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:HSiemens Simatic Cn 4100 Firmware
OSSiemens< 2.5
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
LPE
Related vulnerabilities
CVE-2025-40938CRITICAL9.2PL ✓ten sam produkt
Siemens SIMATIC CN 4100 — zakodowane dane uwierzytelniające w firmware
CVE-2024-32740CRITICAL9.8PL ✓ten sam produkt
Ukryte dane uwierzytelniające w Siemens SIMATIC CN 4100 (hardcoded credentials)
CVE-2024-32741CRITICAL10.0PL ✓ten sam produkt
Zakodowane na stałe hasło root w Siemens SIMATIC CN 4100
CVE-2023-49621CRITICAL9.8PL ✓ten sam produkt
Siemens SIMATIC CN 4100 – domyślne dane uwierzytelniające z uprawnieniami administratora
CVE-2026-22924HIGH8.8ten sam produkt
A vulnerability has been identified in SIMATIC CN 4100 (All versions < V5.0). The affected application does no...