CVSS: 8.3EPSS: 0%CPEs: 4EXPL: 0CVE-2023-42797
https://notcve.org/view.php?id=CVE-2023-42797
09 Jan 2024 — A vulnerability has been identified in CP-8031 MASTER MODULE (All versions < CPCI85 V05.20), CP-8050 MASTER MODULE (All versions < CPCI85 V05.20). The network configuration service of affected devices contains a flaw in the conversion of ipv4 addresses that could lead to an uninitialized variable being used in succeeding validation steps. By uploading specially crafted network configuration, an authenticated remote attacker could be able to inject commands that are executed on the device with root privilege... • https://cert-portal.siemens.com/productcert/pdf/ssa-583634.pdf • CWE-908: Use of Uninitialized Resource •
CVSS: 9.0EPSS: 0%CPEs: 4EXPL: 0CVE-2023-42796
https://notcve.org/view.php?id=CVE-2023-42796
10 Oct 2023 — A vulnerability has been identified in CP-8031 MASTER MODULE (All versions < CPCI85 V05.11), CP-8050 MASTER MODULE (All versions < CPCI85 V05.11). The web server of affected devices fails to properly sanitize user input for the /sicweb-ajax/tmproot/ endpoint. This could allow an authenticated remote attacker to traverse directories on the system and download arbitrary files. By exploring active session IDs, the vulnerability could potentially be leveraged to escalate privileges to the administrator role. Se... • https://cert-portal.siemens.com/productcert/pdf/ssa-770890.pdf • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 0CVE-2023-36380
https://notcve.org/view.php?id=CVE-2023-36380
10 Oct 2023 — A vulnerability has been identified in CP-8031 MASTER MODULE (All versions < CPCI85 V05.11 (only with activated debug support)), CP-8050 MASTER MODULE (All versions < CPCI85 V05.11 (only with activated debug support)). The affected devices contain a hard-coded ID in the SSH `authorized_keys` configuration file. An attacker with knowledge of the corresponding private key could login to the device via SSH. Only devices with activated debug support are affected. Se ha identificado una vulnerabilidad en: CP-803... • https://cert-portal.siemens.com/productcert/pdf/ssa-134651.pdf • CWE-798: Use of Hard-coded Credentials •
CVSS: 7.2EPSS: 0%CPEs: 4EXPL: 0CVE-2023-33921 – Siemens A8000 CP-8050 / CP-8031 Code Execution / Command Injection
https://notcve.org/view.php?id=CVE-2023-33921
13 Jun 2023 — A vulnerability has been identified in CP-8031 MASTER MODULE (All versions < CPCI85 V05), CP-8050 MASTER MODULE (All versions < CPCI85 V05). The affected devices contain an exposed UART console login interface. An attacker with direct physical access could try to bruteforce or crack the root password to login to the device. • http://packetstormsecurity.com/files/173370/Siemens-A8000-CP-8050-CP-8031-Code-Execution-Command-Injection.html • CWE-749: Exposed Dangerous Method or Function •
CVSS: 7.2EPSS: 0%CPEs: 4EXPL: 0CVE-2023-33920 – Siemens A8000 CP-8050 / CP-8031 Code Execution / Command Injection
https://notcve.org/view.php?id=CVE-2023-33920
13 Jun 2023 — A vulnerability has been identified in CP-8031 MASTER MODULE (All versions < CPCI85 V05), CP-8050 MASTER MODULE (All versions < CPCI85 V05). The affected devices contain the hash of the root password in a hard-coded form, which could be exploited for UART console login to the device. An attacker with direct physical access could exploit this vulnerability. • http://packetstormsecurity.com/files/173370/Siemens-A8000-CP-8050-CP-8031-Code-Execution-Command-Injection.html • CWE-798: Use of Hard-coded Credentials •
CVSS: 8.3EPSS: 0%CPEs: 4EXPL: 0CVE-2023-33919 – Siemens A8000 CP-8050 / CP-8031 Code Execution / Command Injection
https://notcve.org/view.php?id=CVE-2023-33919
13 Jun 2023 — A vulnerability has been identified in CP-8031 MASTER MODULE (All versions < CPCI85 V05), CP-8050 MASTER MODULE (All versions < CPCI85 V05). The web interface of affected devices is vulnerable to command injection due to missing server side input sanitation. This could allow an authenticated privileged remote attacker to execute arbitrary code with root privileges. • http://packetstormsecurity.com/files/173370/Siemens-A8000-CP-8050-CP-8031-Code-Execution-Command-Injection.html • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 10.0EPSS: 1%CPEs: 4EXPL: 0CVE-2023-28489 – Siemens A8000 CP-8050 / CP-8031 Code Execution / Command Injection
https://notcve.org/view.php?id=CVE-2023-28489
11 Apr 2023 — A vulnerability has been identified in CP-8031 MASTER MODULE (All versions < CPCI85 V05), CP-8050 MASTER MODULE (All versions < CPCI85 V05). Affected devices are vulnerable to command injection via the web server port 443/tcp, if the parameter “Remote Operation” is enabled. The parameter is disabled by default. The vulnerability could allow an unauthenticated remote attacker to perform arbitrary code execution on the device. • http://packetstormsecurity.com/files/173370/Siemens-A8000-CP-8050-CP-8031-Code-Execution-Command-Injection.html • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2022-27480 – Siemens A8000 CP-8050/CP-8031 SICAM WEB Missing File Download / Missing Authentication
https://notcve.org/view.php?id=CVE-2022-27480
12 Apr 2022 — A vulnerability has been identified in SICAM A8000 CP-8031 (All versions < V4.80), SICAM A8000 CP-8050 (All versions < V4.80). Affected devices do not require an user to be authenticated to access certain files. This could allow unauthenticated attackers to download these files. Se ha identificado una vulnerabilidad en SICAM A8000 CP-8031 (todas las versiones anteriores a V4.80), SICAM A8000 CP-8050 (todas las versiones anteriores a V4.80). Los dispositivos afectados no requieren que el usuario sea autentic... • http://packetstormsecurity.com/files/166743/Siemens-A8000-CP-8050-CP-8031-SICAM-WEB-Missing-File-Download-Missing-Authentication.html • CWE-425: Direct Request ('Forced Browsing') CWE-862: Missing Authorization •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2018-13798 – Siemens SICAM A8000 Series Denial Of Service
https://notcve.org/view.php?id=CVE-2018-13798
17 Jan 2019 — A vulnerability has been identified in SICAM A8000 CP-8000 (All versions < V14), SICAM A8000 CP-802X (All versions < V14), SICAM A8000 CP-8050 (All versions < V2.00). Specially crafted network packets sent to port 80/TCP or 443/TCP could allow an unauthenticated remote attacker to cause a Denial-of-Service condition of the web server. The security vulnerability could be exploited by an attacker with network access to the affected systems on port 80/TCP or 443/TCP. Successful exploitation requires no system ... • https://cert-portal.siemens.com/productcert/pdf/ssa-579309.pdf • CWE-20: Improper Input Validation •