Login Sign Up

CVE-2023-29130

9.9 CRITICAL

📋 TL;DR

CVE-2023-29130 is a critical privilege escalation vulnerability in Siemens SIMATIC CN 4100 devices where improper access controls in configuration files allow attackers to gain administrative access. This affects all versions before V2.5, potentially giving attackers complete control over affected industrial network devices.

💻 Affected Systems

Products:
  • Siemens SIMATIC CN 4100
Versions: All versions < V2.5
Operating Systems: Embedded firmware
Default Config Vulnerable: ⚠️ Yes
Notes: All devices running affected firmware versions are vulnerable by default.

📦 What is this software?

Simatic Cn 4100 Firmware by Siemens

View all CVEs affecting Simatic Cn 4100 Firmware →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete device takeover allowing attacker to reconfigure industrial networks, disrupt operations, or use device as pivot point for deeper network penetration.

🟠

Likely Case

Unauthorized administrative access leading to configuration changes, data exfiltration, or disruption of industrial processes.

🟢

If Mitigated

Limited impact if devices are isolated in segmented networks with strict access controls and monitoring.

🌐 Internet-Facing: HIGH - If devices are exposed to internet, attackers can remotely exploit without authentication.
🏢 Internal Only: HIGH - Even internally, any network-accessible device is vulnerable to exploitation.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Vulnerability involves improper access controls in configuration files, suggesting relatively straightforward exploitation.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: V2.5

Vendor Advisory: https://cert-portal.siemens.com/productcert/pdf/ssa-313488.pdf

Restart Required: Yes

Instructions:

1. Download firmware V2.5 from Siemens support portal. 2. Backup current configuration. 3. Apply firmware update via web interface or console. 4. Verify successful update and restore configuration if needed.

🔧 Temporary Workarounds

Network segmentation

all

Isolate SIMATIC CN 4100 devices in separate VLANs with strict firewall rules.

Access restriction

all

Implement strict network access controls to limit connections to authorized management stations only.

🧯 If You Can't Patch

  • Segment devices in isolated network zones with no internet access
  • Implement strict monitoring and alerting for unauthorized configuration changes

🔍 How to Verify

Check if Vulnerable:

Check firmware version via web interface or CLI. If version is below V2.5, device is vulnerable.

Check Version:

Check via web interface: System > Device Information, or via CLI using appropriate device commands.

Verify Fix Applied:

Verify firmware version shows V2.5 or higher after update.

📡 Detection & Monitoring

Log Indicators:

  • Unauthorized configuration file access
  • Unexpected administrative login attempts
  • Configuration changes from unauthorized sources

Network Indicators:

  • Unusual network traffic to device management interfaces
  • Connection attempts from unauthorized IP addresses

SIEM Query:

source="simatic-cn4100" AND (event_type="config_change" OR user="admin") AND src_ip NOT IN [authorized_ips]

📊 Metadata

CVE ID: CVE-2023-29130
CVSS v3 Score: 9.9 (CRITICAL)
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
CWE: CWE-284
Published: July 11, 2023
Last Updated: February 18, 2026

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2023-29130, you might also want to check these:

CVE-2021-34795 10.0

This critical vulnerability in Cisco Catalyst PON Series Switches ONT web management interface allow...

Same vulnerability type (CWE-284)
CVE-2021-40113 10.0

Multiple vulnerabilities in Cisco Catalyst PON Series Switches ONT web management interface allow un...

Same vulnerability type (CWE-284)
CVE-2026-21636 10.0

A critical vulnerability in Node.js v25's experimental permission model allows attacker-controlled i...

Same vulnerability type (CWE-284)