Vulnerability Details CVE-2021-45033
A vulnerability has been identified in CP-8000 MASTER MODULE WITH I/O -25/+70°C (All versions < V16.20), CP-8000 MASTER MODULE WITH I/O -40/+70°C (All versions < V16.20), CP-8021 MASTER MODULE (All versions < V16.20), CP-8022 MASTER MODULE WITH GPRS (All versions < V16.20). An undocumented debug port uses hard-coded default credentials. If this port is enabled by a privileged user, an attacker aware of the credentials could access an administrative debug shell on the affected device.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 51.3%
CVSS Severity
CVSS v3 Score 8.8
CVSS v2 Score 8.5
References
Products affected by CVE-2021-45033
-
cpe:2.3:h:siemens:cp-8000_master_module_with_i/o_-25/+70:-
-
cpe:2.3:h:siemens:cp-8000_master_module_with_i/o_-40/+70:-
-
cpe:2.3:h:siemens:cp-8021_master_module:-
-
cpe:2.3:h:siemens:cp-8022_master_module_with_gprs:-
-
cpe:2.3:o:siemens:cp-8000_master_module_with_i/o_-25/+70_firmware:-
-
cpe:2.3:o:siemens:cp-8000_master_module_with_i/o_-40/+70_firmware:-
-
cpe:2.3:o:siemens:cp-8021_master_module_firmware:-
-
cpe:2.3:o:siemens:cp-8022_master_module_with_gprs_firmware:-