Vulnerability in Siemens Opcenter Quality

CVE-2021-27389

A vulnerability has been identified in Opcenter Quality (All versions < V12.2), QMS Automotive (All versions < V12.30). A private sign key is shipped with the product without adequate protection.

EPSS: 0.004 (61.6th percentile) — read the EPSS interpretation.

Affected products

Siemens Opcenter Quality — versions All versions < V12.2
Siemens Qms Automotive — versions All versions < V12.30

Weakness classification (CWE)

CWE-321 — Use of Hard-coded Cryptographic Key

References

cert-portal.siemens.com/productcert/pdf/ssa-788287.pdf (x_refsource_MISC)