fkie_cve-2025-31929
Vulnerability from fkie_nvd
Published
2025-05-13 10:15
Modified
2025-05-13 19:35
Severity ?
Summary
A vulnerability has been identified in IEC 1Ph 7.4kW Child socket (8EM1310-2EH04-0GA0) (All versions), IEC 1Ph 7.4kW Child socket/ shutter (8EM1310-2EN04-0GA0) (All versions), IEC 1Ph 7.4kW Parent cable 7m (8EM1310-2EJ04-3GA1) (All versions), IEC 1Ph 7.4kW Parent cable 7m incl. SIM (8EM1310-2EJ04-3GA2) (All versions), IEC 1Ph 7.4kW Parent socket (8EM1310-2EH04-3GA1) (All versions), IEC 1Ph 7.4kW Parent socket incl. SIM (8EM1310-2EH04-3GA2) (All versions), IEC 1Ph 7.4kW Parent socket/ shutter (8EM1310-2EN04-3GA1) (All versions), IEC 1Ph 7.4kW Parent socket/ shutter SIM (8EM1310-2EN04-3GA2) (All versions), IEC 3Ph 22kW Child cable 7m (8EM1310-3EJ04-0GA0) (All versions), IEC 3Ph 22kW Child socket (8EM1310-3EH04-0GA0) (All versions), IEC 3Ph 22kW Child socket/ shutter (8EM1310-3EN04-0GA0) (All versions), IEC 3Ph 22kW Parent cable 7m (8EM1310-3EJ04-3GA1) (All versions), IEC 3Ph 22kW Parent cable 7m incl. SIM (8EM1310-3EJ04-3GA2) (All versions), IEC 3Ph 22kW Parent socket (8EM1310-3EH04-3GA1) (All versions), IEC 3Ph 22kW Parent socket incl. SIM (8EM1310-3EH04-3GA2) (All versions), IEC 3Ph 22kW Parent socket/ shutter (8EM1310-3EN04-3GA1) (All versions), IEC 3Ph 22kW Parent socket/ shutter SIM (8EM1310-3EN04-3GA2) (All versions), IEC ERK 3Ph 22 kW Child cable 7m (8EM1310-3FJ04-0GA0) (All versions), IEC ERK 3Ph 22 kW Child cable 7m (8EM1310-3FJ04-0GA1) (All versions), IEC ERK 3Ph 22 kW Child cable 7m (8EM1310-3FJ04-0GA2) (All versions), IEC ERK 3Ph 22 kW Child socket (8EM1310-3FH04-0GA0) (All versions), IEC ERK 3Ph 22 kW Parent socket (8EM1310-3FH04-3GA1) (All versions), IEC ERK 3Ph 22 kW Parent socket incl. SI (8EM1310-3FH04-3GA2) (All versions), UL Commercial Cellular 48A NTEP (8EM1310-5HF14-1GA2) (All versions), UL Commercial Child 40A w/ 15118 HW (8EM1310-4CF14-0GA0) (All versions), UL Commercial Child 48A BA Compliant (8EM1315-5CG14-0GA0) (All versions), UL Commercial Child 48A w/ 15118 HW (8EM1310-5CF14-0GA0) (All versions), UL Commercial Parent 40A with Simcard (8EM1310-4CF14-1GA2) (All versions), UL Commercial Parent 48A (USPS) (8EM1317-5CG14-1GA2) (All versions), UL Commercial Parent 48A BA Compliant (8EM1315-5CG14-1GA2) (All versions), UL Commercial Parent 48A with Simcard BA (8EM1310-5CF14-1GA2) (All versions), UL Commercial Parent 48A, 15118, 25ft (8EM1310-5CG14-1GA1) (All versions), UL Commercial Parent 48A, 15118, 25ft (8EM1314-5CG14-2FA2) (All versions), UL Commercial Parent 48A, 15118, 25ft (8EM1315-5HG14-1GA2) (All versions), UL Commercial Parent 48A,15118 25ft Sim (8EM1310-5CG14-1GA2) (All versions), UL Resi High End 40A w/15118 Hw (8EM1312-4CF18-0FA3) (All versions), UL Resi High End 48A w/15118 Hw (8EM1312-5CF18-0FA3) (All versions), VersiCharge Blue™ 80A AC Cellular (8EM1315-7BG16-1FH2) (All versions). Affected devices do not contain an Immutable Root of Trust in M0 Hardware. An attacker with physical access to the device could use this to execute arbitrary code.
References
Impacted products
Vendor | Product | Version |
---|
{ "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability has been identified in IEC 1Ph 7.4kW Child socket (8EM1310-2EH04-0GA0) (All versions), IEC 1Ph 7.4kW Child socket/ shutter (8EM1310-2EN04-0GA0) (All versions), IEC 1Ph 7.4kW Parent cable 7m (8EM1310-2EJ04-3GA1) (All versions), IEC 1Ph 7.4kW Parent cable 7m incl. SIM (8EM1310-2EJ04-3GA2) (All versions), IEC 1Ph 7.4kW Parent socket (8EM1310-2EH04-3GA1) (All versions), IEC 1Ph 7.4kW Parent socket incl. SIM (8EM1310-2EH04-3GA2) (All versions), IEC 1Ph 7.4kW Parent socket/ shutter (8EM1310-2EN04-3GA1) (All versions), IEC 1Ph 7.4kW Parent socket/ shutter SIM (8EM1310-2EN04-3GA2) (All versions), IEC 3Ph 22kW Child cable 7m (8EM1310-3EJ04-0GA0) (All versions), IEC 3Ph 22kW Child socket (8EM1310-3EH04-0GA0) (All versions), IEC 3Ph 22kW Child socket/ shutter (8EM1310-3EN04-0GA0) (All versions), IEC 3Ph 22kW Parent cable 7m (8EM1310-3EJ04-3GA1) (All versions), IEC 3Ph 22kW Parent cable 7m incl. SIM (8EM1310-3EJ04-3GA2) (All versions), IEC 3Ph 22kW Parent socket (8EM1310-3EH04-3GA1) (All versions), IEC 3Ph 22kW Parent socket incl. SIM (8EM1310-3EH04-3GA2) (All versions), IEC 3Ph 22kW Parent socket/ shutter (8EM1310-3EN04-3GA1) (All versions), IEC 3Ph 22kW Parent socket/ shutter SIM (8EM1310-3EN04-3GA2) (All versions), IEC ERK 3Ph 22 kW Child cable 7m (8EM1310-3FJ04-0GA0) (All versions), IEC ERK 3Ph 22 kW Child cable 7m (8EM1310-3FJ04-0GA1) (All versions), IEC ERK 3Ph 22 kW Child cable 7m (8EM1310-3FJ04-0GA2) (All versions), IEC ERK 3Ph 22 kW Child socket (8EM1310-3FH04-0GA0) (All versions), IEC ERK 3Ph 22 kW Parent socket (8EM1310-3FH04-3GA1) (All versions), IEC ERK 3Ph 22 kW Parent socket incl. SI (8EM1310-3FH04-3GA2) (All versions), UL Commercial Cellular 48A NTEP (8EM1310-5HF14-1GA2) (All versions), UL Commercial Child 40A w/ 15118 HW (8EM1310-4CF14-0GA0) (All versions), UL Commercial Child 48A BA Compliant (8EM1315-5CG14-0GA0) (All versions), UL Commercial Child 48A w/ 15118 HW (8EM1310-5CF14-0GA0) (All versions), UL Commercial Parent 40A with Simcard (8EM1310-4CF14-1GA2) (All versions), UL Commercial Parent 48A (USPS) (8EM1317-5CG14-1GA2) (All versions), UL Commercial Parent 48A BA Compliant (8EM1315-5CG14-1GA2) (All versions), UL Commercial Parent 48A with Simcard BA (8EM1310-5CF14-1GA2) (All versions), UL Commercial Parent 48A, 15118, 25ft (8EM1310-5CG14-1GA1) (All versions), UL Commercial Parent 48A, 15118, 25ft (8EM1314-5CG14-2FA2) (All versions), UL Commercial Parent 48A, 15118, 25ft (8EM1315-5HG14-1GA2) (All versions), UL Commercial Parent 48A,15118 25ft Sim (8EM1310-5CG14-1GA2) (All versions), UL Resi High End 40A w/15118 Hw (8EM1312-4CF18-0FA3) (All versions), UL Resi High End 48A w/15118 Hw (8EM1312-5CF18-0FA3) (All versions), VersiCharge Blue\u2122 80A AC Cellular (8EM1315-7BG16-1FH2) (All versions). Affected devices do not contain an Immutable Root of Trust in M0 Hardware. An attacker with physical access to the device could use this to execute arbitrary code." }, { "lang": "es", "value": "Se ha identificado una vulnerabilidad en el z\u00f3calo secundario IEC 1Ph 7.4kW (8EM1310-2EH04-0GA0) (Todas las versiones), z\u00f3calo/obturador secundario IEC 1Ph 7.4kW (8EM1310-2EN04-0GA0) (Todas las versiones), cable principal IEC 1Ph 7.4kW de 7 m (8EM1310-2EJ04-3GA1) (Todas las versiones), cable principal IEC 1Ph 7.4kW de 7 m incl. SIM (8EM1310-2EJ04-3GA2) (Todas las versiones), z\u00f3calo principal IEC 1Ph 7.4kW (8EM1310-2EH04-3GA1) (Todas las versiones), z\u00f3calo principal IEC 1Ph 7.4kW incl. SIM (8EM1310-2EH04-3GA2) (Todas las versiones), IEC 1Ph 7.4kW Toma principal/obturador (8EM1310-2EN04-3GA1) (Todas las versiones), IEC 1Ph 7.4kW Toma principal/obturador SIM (8EM1310-2EN04-3GA2) (Todas las versiones), IEC 3Ph 22kW Cable secundario 7m (8EM1310-3EJ04-0GA0) (Todas las versiones), IEC 3Ph 22kW Toma secundaria (8EM1310-3EH04-0GA0) (Todas las versiones), IEC 3Ph 22kW Toma secundaria/obturador (8EM1310-3EN04-0GA0) (Todas las versiones), IEC 3Ph 22kW Cable principal 7m (8EM1310-3EJ04-3GA1) (Todas las versiones), IEC Cable principal trif\u00e1sico de 22 kW, 7 m, incl. SIM (8EM1310-3EJ04-3GA2) (todas las versiones), toma principal IEC trif\u00e1sica de 22 kW (8EM1310-3EH04-3GA1) (todas las versiones), toma principal IEC trif\u00e1sica de 22 kW, incl. SIM (8EM1310-3EH04-3GA2) (Todas las versiones), Toma principal/obturador IEC trif\u00e1sico de 22 kW (8EM1310-3EN04-3GA1) (Todas las versiones), Toma principal/obturador IEC trif\u00e1sico de 22 kW SIM (8EM1310-3EN04-3GA2) (Todas las versiones), Cable para ni\u00f1os IEC ERK trif\u00e1sico de 22 kW de 7 m (8EM1310-3FJ04-0GA0) (Todas las versiones), Cable para ni\u00f1os IEC ERK trif\u00e1sico de 22 kW de 7 m (8EM1310-3FJ04-0GA1) (Todas las versiones), Cable para ni\u00f1os IEC ERK trif\u00e1sico de 22 kW de 7 m (8EM1310-3FJ04-0GA2) (Todas las versiones), Toma para ni\u00f1os IEC ERK trif\u00e1sica de 22 kW (8EM1310-3FH04-0GA0) (Todas las versiones), Toma de corriente IEC ERK 3Ph 22 kW para padres (8EM1310-3FH04-3GA1) (todas las versiones), toma de corriente IEC ERK 3Ph 22 kW para padres incl. SI (8EM1310-3FH04-3GA2) (Todas las versiones), UL Commercial Cellular 48A NTEP (8EM1310-5HF14-1GA2) (Todas las versiones), UL Commercial Child 40A con hardware 15118 (8EM1310-4CF14-0GA0) (Todas las versiones), UL Commercial Child 48A compatible con BA (8EM1315-5CG14-0GA0) (Todas las versiones), UL Commercial Child 48A con hardware 15118 (8EM1310-5CF14-0GA0) (Todas las versiones), UL Commercial Parent 40A con tarjeta SIM (8EM1310-4CF14-1GA2) (Todas las versiones), UL Commercial Parent 48A (USPS) (8EM1317-5CG14-1GA2) (Todas las versiones), UL Commercial Parent 48A compatible con BA (8EM1315-5CG14-1GA2) (Todas las versiones), UL Commercial Parent 48A con tarjeta SIM BA (8EM1310-5CF14-1GA2) (Todas las versiones), UL Commercial Parent 48A, 15118, 25 pies (8EM1310-5CG14-1GA1) (Todas las versiones), UL Commercial Parent 48A, 15118, 25 pies (8EM1314-5CG14-2FA2) (Todas las versiones), UL Commercial Parent 48A, 15118, 25 pies (8EM1315-5HG14-1GA2) (Todas las versiones), UL Commercial Parent 48A,15118 25 pies Sim (8EM1310-5CG14-1GA2) (Todas las versiones), UL Resi High End 40A con hardware 15118 (8EM1312-4CF18-0FA3) (Todas las versiones), UL Resi High End 48A con hardware 15118 (8EM1312-5CF18-0FA3) (Todas las versiones), VersiCharge Blue\u2122 80A AC Cellular (8EM1315-7BG16-1FH2) (Todas las versiones). Los dispositivos afectados no contienen un root de confianza inmutable en el hardware M0. Un atacante con acceso f\u00edsico al dispositivo podr\u00eda usar esto para ejecutar c\u00f3digo arbitrario." } ], "id": "CVE-2025-31929", "lastModified": "2025-05-13T19:35:18.080", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "HIGH", "attackVector": "PHYSICAL", "availabilityImpact": "NONE", "baseScore": 4.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" }, "exploitabilityScore": 0.5, "impactScore": 3.6, "source": "productcert@siemens.com", "type": "Primary" } ], "cvssMetricV40": [ { "cvssData": { "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "HIGH", "attackRequirements": "NONE", "attackVector": "PHYSICAL", "availabilityRequirement": "NOT_DEFINED", "baseScore": 4.1, "baseSeverity": "MEDIUM", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:P/AC:H/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED" }, "source": "productcert@siemens.com", "type": "Secondary" } ] }, "published": "2025-05-13T10:15:24.477", "references": [ { "source": "productcert@siemens.com", "url": "https://cert-portal.siemens.com/productcert/html/ssa-556937.html" } ], "sourceIdentifier": "productcert@siemens.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-1326" } ], "source": "productcert@siemens.com", "type": "Primary" } ] }
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…