VDB
CVE-2024-50310
CVE-2024-50310
PUBLISHED
CVSS 7.5 HIGH
A vulnerability has been identified in SIMATIC CP 1543-1 V4.0 (6GK7543-1AX10-0XE0) (All versions >= V4.0.44 < V4.0.50). Affected devices do not properly handle authorization. This could allow an unauthenticated remote attacker to gain access to the filesystem.
EPSS 0.56% · 68.7th percentile
Risk Scores
CVSS 3.1
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
EPSS Score
0.56%
68.7th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| siemens | simatic_cp_1543-1_firmware | 4.0.44 |
| siemens | simatic_cp_1543-1 | V4.0.44 |
| Siemens | SIMATIC CP 1543-1 V4.0 | V4.0.44 |
Exploit Intelligence
- CIRCL seen: CVE-2024-50310 (circl-sighting)
- CIRCL seen: CVE-2024-50310 (circl-sighting)
- CIRCL seen: CVE-2024-50310 (circl-sighting)
- https://cert-portal.siemens.com/productcert/html/ssa-654798.html (circl)
Timeline
- Nov 12, 2024 Coalition ESS Score
- Nov 12, 2024 CVE Published
- Nov 12, 2024 PoC Published
- Nov 12, 2024 PoC Published
- Nov 13, 2024 EPSS Score
- Nov 13, 2024 CVE Updated
- Nov 14, 2024 Coalition ESS Score
- Nov 14, 2024 PoC Published
- Dec 2, 2024 EPSS Score
- Dec 19, 2024 EPSS Score
- Jan 6, 2025 EPSS Score
- Jan 24, 2025 EPSS Score