SSA-654798 — Vulnetix

SSA-654798 PUBLISHED CVSS 7.5 HIGH

SIMATIC CP 1543-1 devices contain an Incorrect Authorization vulnerability that could allow an unauthenticated attacker to gain access to the filesystem. Siemens has released a new version for SIMATIC CP 1543-1 V4.0 and recommends to update to the latest version.

Risk Scores

CVSS v3.1

7.5

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C

Affected Products

Vendor	Product	Versions
	SIMATIC CP 1543-1 V4.0 (6GK7543-1AX10-0XE0)

Timeline

Nov 12, 2024 CVE Published

References

https://cert-portal.siemens.com/productcert/html/ssa-654798.html advisory
https://cert-portal.siemens.com/productcert/csaf/ssa-654798.json advisory
https://support.industry.siemens.com/cs/ww/en/view/109976120/ fix

Open in Interactive Console →