Siemens: >> Simatic Cn 4100 Firmware Security Vulnerabilities
A vulnerability has been identified in SIMATIC CN 4100 (All versions < V3.0). The affected device contains an unrestricted USB port. An attacker with local access to the device could potentially misuse the port for booting another operating system and gain complete read/write access to the filesystem.
CVSS Score
7.6
EPSS Score
0.001
Published
2024-05-14
A vulnerability has been identified in SIMATIC CN 4100 (All versions < V3.0). The affected device contains undocumented users and credentials. An attacker could misuse the credentials to compromise the device
locally or over the network.
CVSS Score
9.8
EPSS Score
0.006
Published
2024-05-14
A vulnerability has been identified in SIMATIC CN 4100 (All versions < V3.0). The affected device contains hard coded password which is used for the privileged system user `root` and for the boot loader `GRUB` by default . An attacker who manages to crack the password hash gains root access to the device.
CVSS Score
10.0
EPSS Score
0.005
Published
2024-05-14