Back to search
CVE-2021-31337
Published: Jun 28, 2021
Modified: Aug 3, 2024
PUBLISHED
Description
The Telnet service of the SIMATIC HMI Comfort Panels system component in affected products does not require authentication, which may allow a remote attacker to gain access to the device if the service is enabled. Telnet is disabled by default on the SINAMICS Medium Voltage Products (SINAMICS SL150: All versions, SINAMICS SM150: All versions, SINAMICS SM150i: All versions).
| Vendor | Product | Versions |
|---|---|---|
n/a | SINAMICS Medium Voltage Products | affected SINAMICS SL150: All versions, SINAMICS SM150: All versions, SINAMICS SM150i: All versions |
Weaknesses (CWE)
References
https://us-cert.cisa.gov/ics/advisories/icsa-21-131-04
x_refsource_MISC
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now