VDB

CVE-2023-29130

CVE-2023-29130 PUBLISHED CVSS 10 CRITICAL

A vulnerability has been identified in SIMATIC CN 4100 (All versions < V2.5). Affected device consists of improper access controls in the configuration files that leads to privilege escalation. An attacker could gain admin access with this vulnerability leading to complete device control.

EPSS 0.23% · 45.7th percentile

Risk Scores

CVSS 3.1
10
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
EPSS Score
0.23%
45.7th percentile

Affected Products

VendorProductVersions
siemenssimatic_cn_4100_firmware0, 0, 0
SiemensSIMATIC CN 4100*

Timeline

  • Jul 11, 2023 CVE Published
  • Jul 12, 2023 EPSS Score
  • Aug 16, 2023 EPSS Score
  • Sep 19, 2023 EPSS Score
  • Oct 24, 2023 EPSS Score
  • Nov 27, 2023 EPSS Score
  • Jan 1, 2024 EPSS Score
  • Feb 5, 2024 EPSS Score
  • Mar 10, 2024 EPSS Score
  • Apr 14, 2024 EPSS Score
  • May 18, 2024 EPSS Score
  • Jun 22, 2024 EPSS Score
Open in Interactive Console →
$ Console Community · 100/wk Open console ›