Primary

Context

Siemens SENTRON 7KT PAC1260 Data Manager SSH Service Activation Vulnerability

Vulnerability

A vulnerability exists in the Siemens SENTRON 7KT PAC1260 Data Manager, in all versions, allowing an unauthenticated remote attacker to enable the SSH service via the device's web interface. This unauthorized activation could facilitate remote access to the device over SSH.

Impact

Exploitation of this vulnerability allows for unauthenticated remote access to the device via SSH, potentially leading to unauthorized actions or access to sensitive information on the device.

Remediation

Siemens no longer provides software fixes for the SENTRON 7KT PAC1260 Data Manager. Users are advised to replace the device with the SENTRON 7KT PAC1261 Data Manager and update to the latest firmware version. The new model is available through the Siemens Industry Mall.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

7.4

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

7.4

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Siemens SENTRON 7KT PAC1260 Data Manager SSH Service Activation Vulnerability

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating