CVE-2021-31337

Name of the Vulnerable Software and Affected Versions SIMATIC HMI Comfort Panels (affected versions not specified) SINAMICS SL150: All versions SINAMICS SM150: All versions SINAMICS SM150i: All versions

Description The issue concerns the Telnet service of the SIMATIC HMI Comfort Panels system component, which does not require authentication. This may allow a remote attacker to gain access to the device if the Telnet service is enabled.

Recommendations For SIMATIC HMI Comfort Panels, ensure the Telnet service is disabled to prevent unauthorized access. For SINAMICS SL150, SINAMICS SM150, and SINAMICS SM150i, no action is required since Telnet is disabled by default.