Siemens SIMATIC CP 1542SP-1
Easy fix2 remedies
cpe:2.3:h:siemens:simatic_cp_1542sp-1:*:*:*:*:*:*:*, +1 more
Easy fix2 remedies
- < V2.4.24
Siemens SIMATIC ET 200SP Communication Processors Authentication Vulnerability Allowing Unauthenticated Remote Access to Configuration Data
Vulnerability
Patched
An authentication vulnerability has been identified in several Siemens SIMATIC ET 200SP communication processors, including SIPLUS variants. The affected models are CP 1542SP-1, CP 1542SP-1 IRC, and CP 1543SP-1, all versions prior to 2.4.24. These devices do not properly authenticate configuration connections, which could enable an unauthenticated remote attacker to access the configuration data.
Impact
Exploitation of this vulnerability could lead to unauthorized access to configuration data on the affected devices.
Remediation
Siemens has released new versions for the affected products and recommends updating to the latest versions. Additionally, access to the affected systems can be restricted to trusted IP addresses only.
Added: Oct 14, 2025, 10:21 AM
Updated: Oct 14, 2025, 10:21 AM
Vulnerability Rating
Custom Algorithm
spread
1.4impact
2.5exploitability
7.0remediation
7.9relevance
0.7threat
0.0urgency
2.9incentive
5.8Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.