Unrated severityNVD Advisory· Published Jun 13, 2023· Updated Feb 13, 2025

CVE-2023-33920

Description

A vulnerability has been identified in CP-8031 MASTER MODULE (All versions < CPCI85 V05), CP-8050 MASTER MODULE (All versions < CPCI85 V05). The affected devices contain the hash of the root password in a hard-coded form, which could be exploited for UART console login to the device. An attacker with direct physical access could exploit this vulnerability.

Affected products

Siemens Foundation/CP-8031 MASTER MODULEllm-fuzzy3 versions
< CPCI85 V05+ 2 more
- (no CPE)range: < CPCI85 V05
- (no CPE)range: All versions < CPCI85 V05
- (no CPE)range: All versions < CPCI85 V05

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

packetstormsecurity.com/files/173370/Siemens-A8000-CP-8050-CP-8031-Code-Execution-Command-Injection.htmlmitre
seclists.org/fulldisclosure/2023/Jul/14mitre
cert-portal.siemens.com/productcert/pdf/ssa-731916.pdfmitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000