PT-2024-4461 · Siemens · Simatic Cn 4100

Martin Floeck +1 · Published 2024-05-14 · Updated 2024-05-14 · CVE-2024-32742

CVSS v3.1: 7.6 (High)

Vector: AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

SIMATIC CN 4100 versions prior to V3.0

Description

The issue is related to the absence of an immutable root of trust in the device's firmware, which can be exploited through an unrestricted USB port. This could allow an attacker with local access to the device to gain complete read/write access to the filesystem by potentially booting another operating system.

Recommendations

For SIMATIC CN 4100 versions prior to V3.0, update to version V3.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the USB port to minimize the risk of exploitation.

Fix

Weakness Enumeration

Related Identifiers

BDU:2024-04963
CVE-2024-32742

Affected Products

Simatic Cn 4100