ГлавнаяУязвимости → CVE-2024-41794
10критическая

CVE-2024-41794

Описание

A vulnerability has been identified in SENTRON 7KT PAC1260 Data Manager (All versions). Affected devices contain hardcoded credentials for remote access to the device operating system with root privileges. This could allow unauthenticated remote attackers to gain full access to a device, if they are in possession of these credentials and if the ssh service is enabled (e.g., by exploitation of CVE-2024-41793).

Затрагиваемое ПО
Siemens 7kt pac1260 data manager firmwareSiemens 7kt pac1260 data manager
CVSS
Балл10 — критическая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Источники
https://cert-portal.siemens.com/productcert/html/ssa-187636.html