SIMATIC CN 4100: Default Admin Credentials in Intermediate State allow Full Control (All < V2.7)
CVE-2023-49621 Published on January 9, 2024

A vulnerability has been identified in SIMATIC CN 4100 (All versions < V2.7). The "intermediate installation" system state of the affected application uses default credential with admin privileges. An attacker could use the credentials to gain complete control of the affected device.

NVD

Weakness Type

CWE-1392

Products Associated with CVE-2023-49621

Want to know whenever a new CVE is published for Siemens Simatic Cn 4100? stack.watch will email you.

Siemens Simatic Cn 4100

Affected Versions

Siemens SIMATIC CN 4100 Version All versions < V2.7 is affected by CVE-2023-49621

Exploit Probability

EPSS

0.15%

Percentile

35.65%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

SIMATIC CN 4100: Default Admin Credentials in Intermediate State allow Full Control (All < V2.7)CVE-2023-49621 Published on January 9, 2024

Weakness Type

Products Associated with CVE-2023-49621

Affected Versions

Exploit Probability

SIMATIC CN 4100: Default Admin Credentials in Intermediate State allow Full Control (All < V2.7)
CVE-2023-49621 Published on January 9, 2024