CVE-2024-21483

Name of the Vulnerable Software and Affected Versions SENTRON 7KM PAC3120 AC/DC versions V3.2.3 through V3.2.4 SENTRON 7KM PAC3120 DC versions V3.2.3 through V3.2.4 SENTRON 7KM PAC3220 AC/DC versions V3.2.3 through V3.2.4 SENTRON 7KM PAC3220 DC versions V3.2.3 through V3.2.4

Description A vulnerability has been identified in the SENTRON 7KM PAC devices, related to insufficient access control. The issue is caused by the read out protection of the internal flash not being properly set at the end of the manufacturing process. An attacker with physical access to the device could read out the data, potentially allowing them to bypass existing security restrictions and gain unauthorized access to protected information.

Recommendations For SENTRON 7KM PAC3120 AC/DC versions V3.2.3 through V3.2.4, consider restricting physical access to the device until a fix is available. For SENTRON 7KM PAC3120 DC versions V3.2.3 through V3.2.4, consider restricting physical access to the device until a fix is available. For SENTRON 7KM PAC3220 AC/DC versions V3.2.3 through V3.2.4, consider restricting physical access to the device until a fix is available. For SENTRON 7KM PAC3220 DC versions V3.2.3 through V3.2.4, consider restricting physical access to the device until a fix is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.