CVE-2021-31337
N/A
N/A
Summary
The Telnet service of the SIMATIC HMI Comfort Panels system component in affected products does not require authentication, which may allow a remote attacker to gain access to the device if the service is enabled. Telnet is disabled by default on the SINAMICS Medium Voltage Products (SINAMICS SL150: All versions, SINAMICS SM150: All versions, SINAMICS SM150i: All versions).
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | SINAMICS Medium Voltage Products | SINAMICS SL150: All versions, SINAMICS SM150: All versions, SINAMICS SM150i: All versions | affected |
Weaknesses
- CWE-306: MISSING AUTHENTICATION FOR CRITICAL FUNCTION CWE-306
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.