CVE-2023-49252

Name of the Vulnerable Software and Affected Versions SIMATIC CN 4100 versions prior to V2.7

Description A vulnerability has been identified that allows IP configuration changes without authentication to the device, potentially leading to a denial of service condition. The issue is related to insufficient input validation in the software of the communication gateway SIMATIC CN 4100. This could enable a remote attacker to modify the IP configuration and cause a denial of service.

Recommendations For versions prior to V2.7, update to version V2.7 or later to resolve the issue. As a temporary workaround, consider restricting access to the device to prevent unauthorized IP configuration changes. Avoid using the device without proper authentication until the issue is resolved.