MEDIUM🇵🇱 Wersja polska

CVE-2023-27465

CVSS 4.6v3.1pub. 2023-06-13upd. 2024-11-21

A vulnerability has been identified in SIMOTION C240 (All versions >= V5.4 < V5.5 SP1), SIMOTION C240 PN (All versions >= V5.4 < V5.5 SP1), SIMOTION D410-2 DP (All versions >= V5.4 < V5.5 SP1), SIMOTION D410-2 DP/PN (All versions >= V5.4 < V5.5 SP1), SIMOTION D425-2 DP (All versions >= V5.4 < V5.5 SP1), SIMOTION D425-2 DP/PN (All versions >= V5.4 < V5.5 SP1), SIMOTION D435-2 DP (All versions >= V5.4 < V5.5 SP1), SIMOTION D435-2 DP/PN (All versions >= V5.4 < V5.5 SP1), SIMOTION D445-2 DP/PN (All versions >= V5.4), SIMOTION D445-2 DP/PN (All versions >= V5.4 < V5.5 SP1), SIMOTION D455-2 DP/PN (All versions >= V5.4 < V5.5 SP1), SIMOTION P320-4 E (All versions >= V5.4), SIMOTION P320-4 S (All versions >= V5.4). When operated with Security Level Low the device does not protect access to certain services relevant for debugging. This could allow an unauthenticated attacker to extract confidential technology object (TO) configuration from the device.

CVSS Vector
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
  • Siemens Simotion C240

    HW
    Siemens
    wszystkie wersje
  • Siemens Simotion C240 Firmware

    OS
    Siemens
    5.55.4 – 5.5 (bez)
  • Siemens Simotion C240 Pn

    HW
    Siemens
    wszystkie wersje
  • Siemens Simotion C240 Pn Firmware

    OS
    Siemens
    5.55.4 – 5.5 (bez)
  • Siemens Simotion D410 2 Dp

    HW
    Siemens
    wszystkie wersje
  • Siemens Simotion D410 2 Dp Firmware

    OS
    Siemens
    5.55.4 – 5.5 (bez)
  • Siemens Simotion D410 2 Dp\/pn

    HW
    Siemens
    wszystkie wersje
  • Siemens Simotion D410 2 Dp\/pn Firmware

    OS
    Siemens
    5.55.4 – 5.5 (bez)
  • Siemens Simotion D425 2 Dp

    HW
    Siemens
    wszystkie wersje
  • Siemens Simotion D425 2 Dp Firmware

    OS
    Siemens
    5.55.4 – 5.5 (bez)
  • Siemens Simotion D425 2 Dp\/pn

    HW
    Siemens
    wszystkie wersje
  • Siemens Simotion D425 2 Dp\/pn Firmware

    OS
    Siemens
    5.55.4 – 5.5 (bez)
  • Siemens Simotion D435 2 Dp

    HW
    Siemens
    wszystkie wersje
  • Siemens Simotion D435 2 Dp Firmware

    OS
    Siemens
    5.55.4 – 5.5 (bez)
  • Siemens Simotion D435 2 Dp\/pn

    HW
    Siemens
    wszystkie wersje
  • Siemens Simotion D435 2 Dp\/pn Firmware

    OS
    Siemens
    5.55.4 – 5.5 (bez)
  • Siemens Simotion D445 2 Dp\/pn \(0aa0\)

    HW
    Siemens
    wszystkie wersje
  • Siemens Simotion D445 2 Dp\/pn \(0aa0\) Firmware

    OS
    Siemens
    5.4
  • Siemens Simotion D445 2 Dp\/pn \(0aa1\)

    HW
    Siemens
    wszystkie wersje
  • Siemens Simotion D445 2 Dp\/pn \(0aa1\) Firmware

    OS
    Siemens
    5.55.4 – 5.5 (bez)
  • Siemens Simotion D455 2 Dp\/pn

    HW
    Siemens
    wszystkie wersje
  • Siemens Simotion D455 2 Dp\/pn Firmware

    OS
    Siemens
    5.55.4 – 5.5 (bez)
  • Siemens Simotion P320 4 E

    HW
    Siemens
    wszystkie wersje
  • Siemens Simotion P320 4 E Firmware

    OS
    Siemens
    5.4
  • Siemens Simotion P320 4 S

    HW
    Siemens
    wszystkie wersje
  • Siemens Simotion P320 4 S Firmware

    OS
    Siemens
    5.4
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
Auth Bypass
CWE
References

Related vulnerabilities

CVE-2017-5689CRITICAL9.8⚠ KEVten sam produkt

An unprivileged network attacker could gain system privileges to provisioned Intel manageability SKUs: Intel A...

CVE-2026-0300CRITICAL9.3⚠ KEVPL ✓ten sam vendor

Buffer overflow RCE z uprawnieniami root w PAN-OS Captive Portal

CVE-2026-24858CRITICAL9.8⚠ KEVPL ✓ten sam vendor

Fortinet – Auth Bypass przez FortiCloud SSO w wielu produktach

CVE-2025-59718CRITICAL9.8⚠ KEVPL ✓ten sam vendor

Fortinet FortiOS/FortiProxy/FortiSwitchManager — Auth Bypass przez SAML

CVE-2022-22965CRITICAL9.8⚠ KEVten sam vendor

A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) ...