Siemens Simatic Cn 4100
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Siemens Simatic Cn 4100.
By the Year
In 2026 there have been 0 vulnerabilities in Siemens Simatic Cn 4100. Last year, in 2025 Simatic Cn 4100 had 5 security vulnerabilities published. Right now, Simatic Cn 4100 is on track to have less security vulnerabilities in 2026 than it did last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 5 | 6.04 |
| 2024 | 5 | 9.03 |
| 2023 | 2 | 10.00 |
It may take a day or so for new Simatic Cn 4100 vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Siemens Simatic Cn 4100 Security Vulnerabilities
SIMATIC CN 4100 v<4.0.1 Info Disclosure
CVE-2025-40941
4.3 - Medium
- December 09, 2025
A vulnerability has been identified in SIMATIC CN 4100 (All versions < V4.0.1). The affected devices exposes server information in its responses. This could allow an attacker with network access to gain useful information, increasing the likelihood of targeted attacks.
Information Disclosure
SNMP Disclosure in SIMATIC CN4100 <V4.0.1
CVE-2025-40940
4.9 - Medium
- December 09, 2025
A vulnerability has been identified in SIMATIC CN 4100 (All versions < V4.0.1). The affected application exhibits inconsistent SNMP behavior, such as unexpected service availability and unreliable configuration handling across protocol versions. This could allow an attacker to access sensitive data, potentially leading to a breach of confidentiality.
Information Disclosure
Unauth USB Access Enables Reboot DoS in SIMATIC CN4100 (v<4.0.1)
CVE-2025-40939
4.6 - Medium
- December 09, 2025
A vulnerability has been identified in SIMATIC CN 4100 (All versions < V4.0.1). The affected device contains a USB port which allows unauthenticated connections. This could allow an attacker with physical access to the device to trigger reboot that could cause denial of service condition.
Authorization
Firmware info leak on SIMATIC CN 4100 (<4.0.1)
CVE-2025-40938
8.1 - High
- December 09, 2025
A vulnerability has been identified in SIMATIC CN 4100 (All versions < V4.0.1). The affected device stores sensitive information in the firmware. This could allow an attacker to access and misuse this information, potentially impacting the devices confidentiality, integrity, and availability.
Use of Hard-coded Credentials
SIMATIC CN 4100 < V4.0.1 Improper REST API Input Allows Authenticated Code Exec
CVE-2025-40937
8.3 - High
- December 09, 2025
A vulnerability has been identified in SIMATIC CN 4100 (All versions < V4.0.1). The affected application do not properly validate input parameters in its REST API, resulting in improper handling of unexpected arguments. This could allow an authenticated attacker to execute arbitrary code with limited privileges.
Command Injection
Unrestricted USB on Siemens SIMATIC CN 4100 (<V3.0): OS Boot, Full FS Access
CVE-2024-32742
- May 14, 2024
A vulnerability has been identified in SIMATIC CN 4100 (All versions < V3.0). The affected device contains an unrestricted USB port. An attacker with local access to the device could potentially misuse the port for booting another operating system and gain complete read/write access to the filesystem.
Missing Immutable Root of Trust in Hardware
SIMATIC CN 4100 < V3.0 Hardcoded root+GRUB Pass Default Vulnerability
CVE-2024-32741
- May 14, 2024
A vulnerability has been identified in SIMATIC CN 4100 (All versions < V3.0). The affected device contains hard coded password which is used for the privileged system user `root` and for the boot loader `GRUB` by default . An attacker who manages to crack the password hash gains root access to the device.
Use of Hard-coded Password
SIMATIC CN 4100: Default Admin Credentials in Intermediate State allow Full Control (All < V2.7)
CVE-2023-49621
9.8 - Critical
- January 09, 2024
A vulnerability has been identified in SIMATIC CN 4100 (All versions < V2.7). The "intermediate installation" system state of the affected application uses default credential with admin privileges. An attacker could use the credentials to gain complete control of the affected device.
1392
SIMATIC CN 4100 Unauth IP Config Change (V < V2.7) DoS
CVE-2023-49252
7.5 - High
- January 09, 2024
A vulnerability has been identified in SIMATIC CN 4100 (All versions < V2.7). The affected application allows IP configuration change without authentication to the device. This could allow an attacker to cause denial of service condition.
SIMATIC CN 4100 <V2.7: RCE via credential injection in intermid install
CVE-2023-49251
9.8 - Critical
- January 09, 2024
A vulnerability has been identified in SIMATIC CN 4100 (All versions < V2.7). The "intermediate installation" system state of the affected application allows an attacker to add their own login credentials to the device. This allows an attacker to remotely login as root and take control of the device even after the affected device is fully set up.
Insecure Direct Object Reference / IDOR
SIMATIC CN 4100 privilege escalation via misconfigured config files (V<2.5)
CVE-2023-29130
10 - Critical
- July 11, 2023
A vulnerability has been identified in SIMATIC CN 4100 (All versions < V2.5). Affected device consists of improper access controls in the configuration files that leads to privilege escalation. An attacker could gain admin access with this vulnerability leading to complete device control.
SIMATIC CN 4100 SSH Default Value Bypass Network Isolation (All < V2.5)
CVE-2023-29131
10 - Critical
- July 11, 2023
A vulnerability has been identified in SIMATIC CN 4100 (All versions < V2.5). Affected device consists of an incorrect default value in the SSH configuration. This could allow an attacker to bypass network isolation.
Incorrect Default Permissions
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Siemens Simatic Cn 4100 or by Siemens? Click the Watch button to subscribe.
