Unrestricted USB on Siemens SIMATIC CN 4100 (<V3.0): OS Boot, Full FS Access
CVE-2024-32742 Published on May 14, 2024
A vulnerability has been identified in SIMATIC CN 4100 (All versions < V3.0). The affected device contains an unrestricted USB port. An attacker with local access to the device could potentially misuse the port for booting another operating system and gain complete read/write access to the filesystem.
Weakness Type
Missing Immutable Root of Trust in Hardware
A missing immutable root of trust in the hardware results in the ability to bypass secure boot or execute untrusted or adversarial boot code.
Products Associated with CVE-2024-32742
You can be notified by email with stack.watch whenever vulnerabilities like CVE-2024-32742 are published in Siemens Simatic Cn 4100:
Affected Versions
Siemens SIMATIC CN 4100:- Before V3.0 is affected.
- Before 3.0 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.