Vulnerabilities in CP 1543-1 before V2.0.28

An authorized user with valid engineering credentials could escalate privileges to gain full control of the CP device, potentially accessing or modifying control logic and process parameters, or disable the communication processor entirely, interrupting data flow to PLCs and field devices.

Any facility using SIMATIC CP 1543-1 or SIPLUS NET CP 1543-1 communication processors, which are commonly found in water treatment, power distribution, and manufacturing plants where they handle network communication for PLCs and process control systems.

An attacker with valid engineering workstation credentials accesses the CP device's management interface locally or over the network, then exploits the privilege escalation vulnerability to gain higher-level access to the device. Once privileged, the attacker can run arbitrary commands on the CP, alter process configurations, or crash the device to cause denial of service.