CVE-2024-32742

Summary

A vulnerability has been identified in SIMATIC CN 4100 (All versions < V3.0). The affected device contains an unrestricted USB port. An attacker with local access to the device could potentially misuse the port for booting another operating system and gain complete read/write access to the filesystem.

Affected Software

VendorProductVersion RangeStatus
SiemensSIMATIC CN 41000 < V3.0affected

Weaknesses

  • CWE-1326: CWE-1326: Missing Immutable Root of Trust in Hardware

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

CVE Program Container

Additional References

References