CVE-2021-45033

CVE-2021-45033

Vendor Siemens
Product CP-8000 MASTER MODULE WITH I/O -25/+70°C
Weakness CWE-798 · Hardcoded credentials
Published January 11, 2022
Last update August 4, 2024

CVSS base score

What the vulnerability does

01Description

A vulnerability has been identified in CP-8000 MASTER MODULE WITH I/O -25/+70°C (All versions < V16.20), CP-8000 MASTER MODULE WITH I/O -40/+70°C (All versions < V16.20), CP-8021 MASTER MODULE (All versions < V16.20), CP-8022 MASTER MODULE WITH GPRS (All versions < V16.20). An undocumented debug port uses hard-coded default credentials. If this port is enabled by a privileged user, an attacker aware of the credentials could access an administrative debug shell on the affected device.

Key dates

02Disclosure timeline

January 11, 2022 CVE published
August 4, 2024 Record updated