Multiple vulnerabilities in Siemens SIMATIC CN 4100
| Risk | High |
| Patch available | YES |
| Number of vulnerabilities | 3 |
| CVE-ID | CVE-2024-32740 CVE-2024-32741 CVE-2024-32742 |
| CWE-ID | CWE-798 CWE-259 CWE-1326 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software |
SIMATIC CN 4100 Hardware solutions / Firmware |
| Vendor | Siemens |
Security Bulletin
This security bulletin contains information about 3 vulnerabilities.
1) Use of hard-coded credentials
EUVDB-ID: #VU89611
Risk: High
CVSSv3.1: 8.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-32740
CWE-ID:
CWE-798 - Use of Hard-coded Credentials
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain full access to vulnerable system.
The vulnerability exists due to presence of hard-coded credentials in application code. A remote unauthenticated attacker can access the affected system using the hard-coded credentials.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsSIMATIC CN 4100: before 3.0
CPE2.3 External linkshttp://cert-portal.siemens.com/productcert/html/ssa-273900.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Use of Hard-coded Password
EUVDB-ID: #VU89612
Risk: High
CVSSv3.1: 8.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-32741
CWE-ID:
CWE-259 - Use of Hard-coded Password
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the target system.
The vulnerability exists due to the affected device contains hard coded password which is used for the privileged system user root and for the boot loader GRUB by default. A remote attacker can gain root access to the target device.
MitigationInstall updates from vendor's website.
Vulnerable software versionsSIMATIC CN 4100: before 3.0
CPE2.3 External linkshttp://cert-portal.siemens.com/productcert/html/ssa-273900.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Missing Immutable Root of Trust in Hardware
EUVDB-ID: #VU89613
Risk: Low
CVSSv3.1: 6.6 [CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-32742
CWE-ID:
CWE-1326 - Missing Immutable Root of Trust in Hardware
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to compromise the target system.
The vulnerability exists due to the affected device contains an unrestricted USB port. An attacker with physical access can misuse the port for booting another operating system and gain complete read/write access to the filesystem.
MitigationInstall updates from vendor's website.
Vulnerable software versionsSIMATIC CN 4100: before 3.0
CPE2.3 External linkshttp://cert-portal.siemens.com/productcert/html/ssa-273900.html
Q & A
Can this vulnerability be exploited remotely?
No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
