PT-2023-8243 · Siemens · Simatic Cn 4100

Published: 2023-11-24 · Updated: 2024-01-12 · CVE-2023-49251

CVSS v2.0: 9.0 (High)

Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

SIMATIC CN 4100 versions prior to V2.7

Description

A vulnerability has been identified that allows an attacker to add their own login credentials to the device during the "intermediate installation" system state. This enables the attacker to remotely log in as root and take control of the device even after it is fully set up. The issue is related to bypassing authorization using a user-controlled key, which can allow a remote attacker to enter the system and gain full control over the application.

Recommendations

For versions prior to V2.7, update to version V2.7 or later to resolve the issue. As a temporary workaround, consider restricting access to the device during the "intermediate installation" state to minimize the risk of exploitation.

Fix

IDOR

Weakness Enumeration

Related Identifiers

BDU:2024-00276
CVE-2023-49251

Affected Products

Simatic Cn 4100