Vulnerability Details CVE-2021-42027
A vulnerability has been identified in SINUMERIK Edge (All versions < V3.2). The affected software does not properly validate the server certificate when initiating a TLS connection. This could allow an attacker to spoof a trusted entity by interfering in the communication path between the client and the intended server.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 34.3%
CVSS Severity
CVSS v3 Score 7.4
CVSS v2 Score 5.8
References
Products affected by CVE-2021-42027
-
cpe:2.3:a:siemens:sinumerik_edge:*