PT-2023-22151 · Siemens · Simatic Cloud Connect 7 Cc716+1

Publicado

2023-05-09

·

Atualizado

2023-05-15

·

CVE-2023-29103

CVSS v3.1

4.3

Média

VetorAV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Name of the Vulnerable Software and Affected Versions SIMATIC Cloud Connect 7 CC712 versions 2.0 through 2.1 SIMATIC Cloud Connect 7 CC716 versions 2.0 through 2.1
Description A vulnerability has been identified where the affected device uses a hard-coded password to protect diagnostic files. This could allow an authenticated attacker to access protected data.
Recommendations For SIMATIC Cloud Connect 7 CC712 versions 2.0 through 2.1, consider changing the hard-coded password to a unique and secure password to prevent unauthorized access. For SIMATIC Cloud Connect 7 CC716 versions 2.0 through 2.1, consider changing the hard-coded password to a unique and secure password to prevent unauthorized access.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-259

Identificadores relacionados

CVE-2023-29103

Produtos afetados

Simatic Cloud Connect 7 Cc712
Simatic Cloud Connect 7 Cc716