CVE-2023-27465
Published: Jun 13, 2023
Modified: Aug 2, 2024
CVSS v3.1
4.6
Description
A vulnerability has been identified in SIMOTION C240 (All versions >= V5.4 < V5.5 SP1), SIMOTION C240 PN (All versions >= V5.4 < V5.5 SP1), SIMOTION D410-2 DP (All versions >= V5.4 < V5.5 SP1), SIMOTION D410-2 DP/PN (All versions >= V5.4 < V5.5 SP1), SIMOTION D425-2 DP (All versions >= V5.4 < V5.5 SP1), SIMOTION D425-2 DP/PN (All versions >= V5.4 < V5.5 SP1), SIMOTION D435-2 DP (All versions >= V5.4 < V5.5 SP1), SIMOTION D435-2 DP/PN (All versions >= V5.4 < V5.5 SP1), SIMOTION D445-2 DP/PN (All versions >= V5.4), SIMOTION D445-2 DP/PN (All versions >= V5.4 < V5.5 SP1), SIMOTION D455-2 DP/PN (All versions >= V5.4 < V5.5 SP1), SIMOTION P320-4 E (All versions >= V5.4), SIMOTION P320-4 S (All versions >= V5.4). When operated with Security Level Low the device does not protect access to certain services relevant for debugging. This could allow an unauthenticated attacker to extract confidential technology object (TO) configuration from the device.
| Vendor | Product | Versions |
|---|---|---|
Siemens | SIMOTION C240 | affected All versions >= V5.4 < V5.5 SP1 |
Siemens | SIMOTION C240 PN | affected All versions >= V5.4 < V5.5 SP1 |
Siemens | SIMOTION D410-2 DP | affected All versions >= V5.4 < V5.5 SP1 |
Siemens | SIMOTION D410-2 DP/PN | affected All versions >= V5.4 < V5.5 SP1 |
Siemens | SIMOTION D425-2 DP | affected All versions >= V5.4 < V5.5 SP1 |
Siemens | SIMOTION D425-2 DP/PN | affected All versions >= V5.4 < V5.5 SP1 |
Siemens | SIMOTION D435-2 DP | affected All versions >= V5.4 < V5.5 SP1 |
Siemens | SIMOTION D435-2 DP/PN | affected All versions >= V5.4 < V5.5 SP1 |
Siemens | SIMOTION D445-2 DP/PN | affected All versions >= V5.4 |
Siemens | SIMOTION D445-2 DP/PN | affected All versions >= V5.4 < V5.5 SP1 |
Siemens | SIMOTION D455-2 DP/PN | affected All versions >= V5.4 < V5.5 SP1 |
Siemens | SIMOTION P320-4 E | affected All versions >= V5.4 |
Siemens | SIMOTION P320-4 S | affected All versions >= V5.4 |
Weaknesses (CWE)
CVSS v3.1 Details
CVSS v3.1 Vector
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now