What is CVE-2023-37194?

CVE-2023-37194 is a medium-severity vulnerability in Siemens Simatic Cp 1604, classified under Improper Access Control. CVSS score: 6.7/10. Published 2023-10-10.

How severe is CVE-2023-37194?

Medium severity. CVSS v3 base score is 6.7 out of 10.

Vulnerability in Siemens Simatic Cp 1604

CVE-2023-37194

A vulnerability has been identified in SIMATIC CP 1604 (All versions), SIMATIC CP 1616 (All versions), SIMATIC CP 1623 (All versions), SIMATIC CP 1626 (All versions), SIMATIC CP 1628 (All versions). The kernel memory of affected devices is…

EPSS: 0.000 (4.9th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 6.7 (Medium). Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C.

Affected products

Siemens Simatic Cp 1604 — versions All versions
Siemens Simatic Cp 1616 — versions All versions
Siemens Simatic Cp 1623 — versions All versions
Siemens Simatic Cp 1626 — versions All versions
Siemens Simatic Cp 1628 — versions All versions

Weakness classification (CWE)

CWE-284 — Improper Access Control

References

cert-portal.siemens.com/productcert/pdf/ssa-784849.pdf

Frequently asked questions

What is CVE-2023-37194?: CVE-2023-37194 is a medium-severity vulnerability in Siemens Simatic Cp 1604, classified under Improper Access Control. CVSS score: 6.7/10. Published 2023-10-10.
How severe is CVE-2023-37194?: Medium severity. CVSS v3 base score is 6.7 out of 10.