Unrated severityNVD Advisory· Published Apr 12, 2022· Updated Aug 4, 2024
CVE-2021-42029
CVE-2021-42029
Description
A vulnerability has been identified in SIMATIC STEP 7 (TIA Portal) V15 (All versions), SIMATIC STEP 7 (TIA Portal) V16 (All versions < V16 Update 5), SIMATIC STEP 7 (TIA Portal) V17 (All versions < V17 Update 2). An attacker could achieve privilege escalation on the web server of certain devices due to improper access control vulnerability in the engineering system software. The attacker needs to have direct access to the impacted web server.
Affected products
4V15 (All versions), V16 (All versions < V16 Update 5), V17 (All versions < V17 Update 2)+ 3 more
- (no CPE)range: V15 (All versions), V16 (All versions < V16 Update 5), V17 (All versions < V17 Update 2)
- (no CPE)range: All versions
- (no CPE)range: All versions < V16 Update 5
- (no CPE)range: All versions < V17 Update 2
Patches
Vulnerability mechanics
References
1- cert-portal.siemens.com/productcert/pdf/ssa-350757.pdfmitrex_refsource_MISC
News mentions
0No linked articles in our index yet.