SIMATIC CN 4100 privilege escalation via misconfigured config files (V<2.5)
CVE-2023-29130 Published on July 11, 2023
A vulnerability has been identified in SIMATIC CN 4100 (All versions < V2.5). Affected device consists of improper access controls in the configuration files that leads to privilege escalation. An attacker could gain admin access with this vulnerability leading to complete device control.
Weakness Type
What is an Authorization Vulnerability?
The software does not restrict or incorrectly restricts access to a resource from an unauthorized actor.
CVE-2023-29130 has been classified to as an Authorization vulnerability or weakness.
Products Associated with CVE-2023-29130
Want to know whenever a new CVE is published for Siemens Simatic Cn 4100? stack.watch will email you.
Affected Versions
Siemens SIMATIC CN 4100 Version All versions < V2.5 is affected by CVE-2023-29130Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.