PT-2023-8242 · Siemens · Simatic Cn 4100

Published: 2023-11-28 · Updated: 2024-01-17 · CVE-2023-49621

CVSS v2.0: 10 (Critical)

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

SIMATIC CN 4100 versions prior to V2.7

Description

A vulnerability has been identified in the intermediate installation process of the SIMATIC CN 4100 communication gateway, which is related to the use of default credentials with admin privileges. This could allow a remote attacker to gain complete control of the affected device.

Recommendations

For versions prior to V2.7, update to version V2.7 or later to resolve the issue. As a temporary workaround, consider changing the default credentials to custom ones to prevent exploitation. Restrict access to the intermediate installation system state to minimize the risk of exploitation.

Fix

Using Hardcoded Credentials

Weakness Enumeration

Related Identifiers

BDU:2024-00275
CVE-2023-49621

Affected Products

Simatic Cn 4100