CVE-2021-27395
CVE-2021-27395
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS —EPSS 0.8%KEV nãoPoC —Nuclei —Metasploit —Patch —
Lifecycle
12 Oct 2021Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
A vulnerability has been identified in SIMATIC Process Historian 2013 and earlier (All versions), SIMATIC Process Historian 2014 (All versions < SP3 Update 6), SIMATIC Process Historian 2019 (All versions), SIMATIC Process Historian 2020 (All versions). An interface in the software that is used for critical functionalities lacks authentication, which could allow a malicious user to maliciously insert, modify or delete data.
Affected products
Siemens · SIMATIC Process Historian 2013 and earlierSiemens · SIMATIC Process Historian 2014Siemens · SIMATIC Process Historian 2019Siemens · SIMATIC Process Historian 2020Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →