CVE-2024-50310

A vulnerability has been identified in SIMATIC CP 1543-1 V4.0 (6GK7543-1AX10-0XE0) (All versions >= V4.0.44 < V4.0.50). Affected devices do not properly handle authorization. This could allow an unauthenticated remote attacker to gain access to the filesystem.
References
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:siemens:simatic_cp_1543-1_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_cp_1543-1:-:*:*:*:*:*:*:*

History

13 Nov 2024, 23:15

Type Values Removed Values Added
Summary
  • (es) Se ha identificado una vulnerabilidad en SIMATIC CP 1543-1 V4.0 (6GK7543-1AX10-0XE0) (todas las versiones &gt;= V4.0.44 &lt; V4.0.50). Los dispositivos afectados no gestionan correctamente la autorización. Esto podría permitir que un atacante remoto no autenticado obtenga acceso al sistema de archivos.
References () https://cert-portal.siemens.com/productcert/html/ssa-654798.html - () https://cert-portal.siemens.com/productcert/html/ssa-654798.html - Patch, Vendor Advisory
First Time Siemens
Siemens simatic Cp 1543-1 Firmware
Siemens simatic Cp 1543-1
CPE cpe:2.3:o:siemens:simatic_cp_1543-1_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_cp_1543-1:-:*:*:*:*:*:*:*

12 Nov 2024, 13:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-11-12 13:15

Updated : 2024-11-13 23:15


NVD link : CVE-2024-50310

Mitre link : CVE-2024-50310

CVE.ORG link : CVE-2024-50310


JSON object : View

Products Affected

siemens

  • simatic_cp_1543-1_firmware
  • simatic_cp_1543-1
CWE
CWE-863

Incorrect Authorization