A vulnerability has been identified in SIMATIC CN 4100 (All versions < V2.7). The "intermediate installation" system state of the affected application uses default credential with admin privileges. An attacker could use the credentials to gain complete control of the affected device.
During the so-called 'intermediate installation' state, the SIMATIC CN 4100 device software uses predefined, default login credentials assigned to an account with administrator privileges. The vulnerability is classified as CWE-1392 (use of default credentials), meaning these credentials are known or easy to guess. An attacker can remotely log in to the device using these default credentials without requiring any privileges or user interaction.
An attacker gains full control of the device with administrator privileges, enabling them to read, modify, or destroy configuration data and potentially disrupt the operation of industrial systems to which the device is connected.
The SIMATIC CN 4100 device firmware must be updated to version V2.7 or later. Detailed information and patches are available in the Siemens security bulletin at: https://cert-portal.siemens.com/productcert/pdf/ssa-777015.pdf
Siemens SIMATIC CN 4100 – all firmware versions below V2.7
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HSiemens Simatic Cn 4100
HWSiemenswszystkie wersjeSiemens Simatic Cn 4100 Firmware
OSSiemens< 2.7
Related vulnerabilities
Siemens SIMATIC CN 4100 — zakodowane dane uwierzytelniające w firmware
Ukryte dane uwierzytelniające w Siemens SIMATIC CN 4100 (hardcoded credentials)
Zakodowane na stałe hasło root w Siemens SIMATIC CN 4100
A vulnerability has been identified in SIMATIC CN 4100 (All versions < V2.5). Affected device consists of impr...
A vulnerability has been identified in SIMATIC CN 4100 (All versions < V5.0). The affected application does no...