Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2024-41793

A vulnerability has been identified in SENTRON 7KT PAC1260 Data Manager (All versions). The web interface of affected devices provides an endpoint that allows to enable the ssh service without authentication. This could allow an unauthenticated remote attacker to enable remote access to the device via ssh.

Published

2025-04-08T09:15:19.563

Last Modified

2025-09-23T16:20:08.917

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 8.6 (HIGH)

Weaknesses

Type: Secondary
CWE-306

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	siemens	7kt_pac1260_data_manager_firmware	*	Yes
Hardware	siemens	7kt_pac1260_data_manager	-	No

References

https://cert-portal.siemens.com/productcert/html/ssa-187636.html Vendor Advisory ([email protected])