VDB
SSA-446307
SSA-446307
PUBLISHED
CVSS 10 CRITICAL
SIMATIC IPC RS-828A is affected by an authentication bypass vulnerability in the Redfish interface of its Baseboard Management Controller (BMC) that could allow an attacker to gain unauthorized access and compromise confidentiality, integrity and availability of the BMC and thus the entire system. Siemens has released a new version for SIMATIC IPC RS-828A - BMC firmware and recommends to update to the latest version.
Risk Scores
CVSS 3.1
10
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| SIMATIC IPC RS-828A - BMC firmware |
Exploit Intelligence
- Just poc for CVE 2024-54085 (github-poc-repo)
- Just poc for CVE 2024-54085 (github-poc-repo)
- Just poc for CVE 2024-54085 (github-poc)
- Just poc for CVE 2024-54085 (github-poc)
- https://cert-portal.siemens.com/productcert/html/ssa-446307.html (circl)
- https://cert-portal.siemens.com/productcert/csaf/ssa-446307.json (circl)
- https://support.industry.siemens.com/cs/ww/en/view/109763408/ (circl)
- kev.json (github-poc)
- kev.json (github-poc)
- data.js (github-poc)
…and 1 more exploits
Timeline
- May 13, 2025 CVE Published
- Aug 12, 2025 CVE Updated