CVE-2024-41788

A vulnerability has been identified in SENTRON 7KT PAC1260 Data Manager (All versions). The web interface of affected devices does not sanitize the input parameters in specific GET requests. This could allow an authenticated remote attacker to execute arbitrary code with root privileges.

CVSS v3 9.1 CRITICAL

9.1^/10

CVSS v3 : CRITICAL

Vector :

Exploitability : 2.3 / Impact : 6.0

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope CHANGED

References

Link	Resource
https://cert-portal.siemens.com/productcert/html/ssa-187636.html	Vendor Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:siemens:7kt_pac1260_data_manager_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:7kt_pac1260_data_manager:-:*:*:*:*:*:*:*

History

23 Sep 2025, 16:38

Type	Values Removed	Values Added
Summary		(es) Se ha identificado una vulnerabilidad en el gestor de datos SENTRON 7KT PAC1260 (todas las versiones). La interfaz web de los dispositivos afectados no depura los parámetros de entrada en solicitudes GET específicas. Esto podría permitir que un atacante remoto autenticado ejecute código arbitrario con privilegios de root.
CPE		cpe:2.3:o:siemens:7kt_pac1260_data_manager_firmware:::::::: cpe:2.3:h:siemens:7kt_pac1260_data_manager:-:::::::*
First Time		Siemens Siemens 7kt Pac1260 Data Manager Firmware Siemens 7kt Pac1260 Data Manager
References	~~() https://cert-portal.siemens.com/productcert/html/ssa-187636.html -~~	() https://cert-portal.siemens.com/productcert/html/ssa-187636.html - Vendor Advisory

08 Apr 2025, 09:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-04-08 09:15

Updated : 2025-09-23 16:38

NVD link : CVE-2024-41788

Mitre link : CVE-2024-41788

CVE.ORG link : CVE-2024-41788

JSON object : View

Products Affected

siemens

7kt_pac1260_data_manager
7kt_pac1260_data_manager_firmware

CWE

CWE-78

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

{"id": "CVE-2024-41788", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "productcert@siemens.com", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 9.1, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "impactScore": 6.0, "exploitabilityScore": 2.3}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.2, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.2}], "cvssMetricV40": [{"type": "Secondary", "source": "productcert@siemens.com", "cvssData": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 9.4, "Automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "HIGH", "subIntegrityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "integrityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "subAvailabilityImpact": "HIGH", "vulnAvailabilityImpact": "HIGH", "availabilityRequirement": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subConfidentialityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED"}}]}, "published": "2025-04-08T09:15:17.820", "references": [{"url": "https://cert-portal.siemens.com/productcert/html/ssa-187636.html", "tags": ["Vendor Advisory"], "source": "productcert@siemens.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "productcert@siemens.com", "description": [{"lang": "en", "value": "CWE-78"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability has been identified in SENTRON 7KT PAC1260 Data Manager (All versions). The web interface of affected devices does not sanitize the input parameters in specific GET requests. This could allow an authenticated remote attacker to execute arbitrary code with root privileges."}, {"lang": "es", "value": "Se ha identificado una vulnerabilidad en el gestor de datos SENTRON 7KT PAC1260 (todas las versiones). La interfaz web de los dispositivos afectados no depura los par\u00e1metros de entrada en solicitudes GET espec\u00edficas. Esto podr\u00eda permitir que un atacante remoto autenticado ejecute c\u00f3digo arbitrario con privilegios de root."}], "lastModified": "2025-09-23T16:38:22.593", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:siemens:7kt_pac1260_data_manager_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5E6C441C-751B-4D8B-967B-8237E181F21A"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:siemens:7kt_pac1260_data_manager:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "129B89C3-6730-47B7-9D07-41116E8230A0"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "productcert@siemens.com"}