Siemens - Simatic Easie Core Package CVE

Filtered by vendor Siemens Subscribe

Filtered by product Simatic Easie Core Package

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Total 1 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2021-44222	1 Siemens	1 Simatic Easie Core Package	2022-07-15	6.4 MEDIUM	9.1 CRITICAL
A vulnerability has been identified in SIMATIC eaSie Core Package (All versions < V22.00). The underlying MQTT service of affected systems does not perform authentication in the default configuration. This could allow an unauthenticated remote attacker to send arbitrary messages to the service and thereby issue arbitrary requests in the affected system.

Vulnerabilities (CVE)