A vulnerability has been identified in SENTRON 7KM PAC3200 (All versions). Affected devices only provide a 4-digit PIN to protect from administrative access via Modbus TCP interface. Attackers with access to the Modbus TCP interface could easily bypass this protection by brute-force attacks or by sniffing the Modbus clear text communication.
Metrics
Affected Vendors & Products
References
History
Tue, 08 Oct 2024 14:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Siemens
Siemens sentron Pac3200 |
|
CPEs | cpe:2.3:h:siemens:sentron_pac3200:-:*:*:*:*:*:*:* | |
Vendors & Products |
Siemens
Siemens sentron Pac3200 |
|
Metrics |
ssvc
|
Tue, 08 Oct 2024 08:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | A vulnerability has been identified in SENTRON 7KM PAC3200 (All versions). Affected devices only provide a 4-digit PIN to protect from administrative access via Modbus TCP interface. Attackers with access to the Modbus TCP interface could easily bypass this protection by brute-force attacks or by sniffing the Modbus clear text communication. | |
Weaknesses | CWE-287 | |
References |
| |
Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: siemens
Published: 2024-10-08T08:40:16.947Z
Updated: 2024-10-08T14:06:17.123Z
Reserved: 2024-07-22T13:39:08.307Z
Link: CVE-2024-41798
Vulnrichment
Updated: 2024-10-08T14:06:12.558Z
NVD
Status : Awaiting Analysis
Published: 2024-10-08T09:15:11.177
Modified: 2024-10-10T12:56:30.817
Link: CVE-2024-41798
Redhat
No data.