Description
A vulnerability has been identified in SIMATIC Cloud Connect 7 CC712 (All versions >= V2.0 < V2.1), SIMATIC Cloud Connect 7 CC712 (All versions < V2.1), SIMATIC Cloud Connect 7 CC716 (All versions >= V2.0 < V2.1), SIMATIC Cloud Connect 7 CC716 (All versions < V2.1). The affected device uses a hard-coded password to protect the diagnostic files. This could allow an authenticated attacker to access protected data.
CVSS breakdown
CVSS 3.1
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
Low
Integrity
None
Availability
None
E
Physical
RL
O
RC
Changed
Affected products
- Siemens / SIMATIC Cloud Connect 7 CC712All versions >= V2.0 < V2.1 – All versions >= V2.0 < V2.1
- Siemens / SIMATIC Cloud Connect 7 CC712All versions < V2.1 – All versions < V2.1
- Siemens / SIMATIC Cloud Connect 7 CC716All versions >= V2.0 < V2.1 – All versions >= V2.0 < V2.1
- Siemens / SIMATIC Cloud Connect 7 CC716All versions < V2.1 – All versions < V2.1