PT-2021-7732 · Siemens · Qms Automotive+1

Published

2021-04-13

Updated

2021-04-30

CVE-2021-27389

CVSS v2.0

Critical

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Opcenter Quality versions prior to V12.2 QMS Automotive versions prior to V12.30

Description A vulnerability has been identified related to the use of a hardcoded cryptographic key. This issue is associated with inadequate protection of a private sign key shipped with the product. The exploitation of this vulnerability may allow a remote attacker to elevate their privileges.

Recommendations For Opcenter Quality versions prior to V12.2, update to version V12.2 or later to resolve the issue. For QMS Automotive versions prior to V12.30, update to version V12.30 or later to resolve the issue.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-321

Related Identifiers

BDU:2023-02120

CVE-2021-27389

Affected Products

Opcenter Quality

Qms Automotive

PT-2021-7732 · Siemens · Qms Automotive+1

CVE-2021-27389

Weakness Enumeration

Related Identifiers

Affected Products

References · 4