SSA-216014 — Vulnetix

Try Vulnetix Request Demo

SSA-216014 PUBLISHED CVSS 8.199999809265137 HIGH

The affected devices have insufficient protection mechanism for the EFI(Extensible Firmware Interface) variables stored on the device. This could allow an authenticated attacker to alter the secure boot configuration without proper authorization by directly communicate with the flash controller.

Risk Scores

CVSS v3.1

8.199999809265137

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Affected Products

Vendor	Product	Versions
Siemens	SIMATIC IPC RC-543B
Siemens	SIMATIC IPC477E
Siemens	SIMATIC IPC277G PRO
Siemens	SIMATIC IPC277E
Siemens	SIMATIC IPC847E
Siemens	SIMATIC IPC127E
Siemens	SIMATIC IPC627E
Siemens	SIMATIC IPC227E
Siemens	SIMATIC IPC277G
Siemens	SIMATIC IPC3000 SMART V3
Siemens	SIMATIC Field PG M6
Siemens	SIMATIC IPC427E
Siemens	SIMATIC IPC327G
Siemens	SIMATIC ITP1000
Siemens	SIMATIC IPC BX-39A
Siemens	SIMATIC Field PG M5
Siemens	SIMATIC IPC RW-543A
Siemens	SIMATIC IPC BX-59A
Siemens	SIMATIC IPC PX-32A
Siemens	SIMATIC IPC RC-543A

…and 12 more

Timeline

Mar 11, 2025 CVE Published
Apr 14, 2026 CVE Updated

References

Open in Interactive Console →