PT-2018-2519 · Siemens · En100 Ethernet Module
Published: 2018-07-23 · Updated: 2019-03-22 · CVE-2018-11451
CVSS v2.0: 7.8 (High)
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C
Name of the Vulnerable Software and Affected Versions
Firmware variant IEC 61850 for EN100 Ethernet module versions prior to V4.33
Firmware variant PROFINET IO for EN100 Ethernet module (all versions)
Firmware variant Modbus TCP for EN100 Ethernet module (all versions)
Firmware variant DNP3 TCP for EN100 Ethernet module (all versions)
Firmware variant IEC104 for EN100 Ethernet module versions prior to V1.22
SIPROTEC 5 relays with CPU variants CP300 and CP100 and the respective Ethernet communication modules versions prior to V7.80
SIPROTEC 5 relays with CPU variants CP200 and the respective Ethernet communication modules versions prior to V7.58
Description
The issue is caused by insufficient input validation in the firmware of the communication module. An attacker could cause a denial-of-service condition by sending specially crafted packets to port 102/tcp, compromising the availability of the system. Successful exploitation requires network access and the activation of IEC 61850-MMS communication on the affected products or modules; no user interaction or privileges are required. At the time of advisory publication, no public exploitation of this security issue was known.
Recommendations
For Firmware variant IEC 61850 for EN100 Ethernet module versions prior to V4.33, update to version V4.33 or later.
For Firmware variant PROFINET IO for EN100 Ethernet module, restrict access to port 102/tcp until a patch is available.
For Firmware variant Modbus TCP for EN100 Ethernet module, restrict access to port 102/tcp until a patch is available.
For Firmware variant DNP3 TCP for EN100 Ethernet module, restrict access to port 102/tcp until a patch is available.
For Firmware variant IEC104 for EN100 Ethernet module versions prior to V1.22, update to version V1.22 or later.
For SIPROTEC 5 relays with CPU variants CP300 and CP100 and the respective Ethernet communication modules versions prior to V7.80, update to version V7.80 or later.
For SIPROTEC 5 relays with CPU variants CP200 and the respective Ethernet communication modules versions prior to V7.58, update to version V7.58 or later.
As a temporary workaround, consider disabling the IEC 61850-MMS communication on the affected products or modules until a patch is available.
Fix
RCE
Weakness Enumeration
Related Identifiers
Affected Products
En100 Ethernet Module
Siprotec 5