PT-2021-17431 · Siemens · Sinamics Sl150+2

Published: 2021-06-15 · Updated: 2021-06-23 · CVE-2021-27388

CVSS v2.0: 7.5 (High)

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions

SINAMICS SL150: All versions
SINAMICS SM150: All versions
SINAMICS SM150i: All versions

Description

The SINAMICS medium voltage routable products are affected by a vulnerability in the Sm@rtServer component for remote access. This vulnerability could allow an unauthenticated attacker to cause a denial-of-service condition, and/or execution of limited configuration modifications and/or execution of limited control commands on the SINAMICS Medium Voltage Products, Remote Access.

Recommendations

For SINAMICS SL150, consider disabling remote access via the Sm@rtServer component until a fix is available.
For SINAMICS SM150, restrict access to the Sm@rtServer component to minimize the risk of exploitation.
For SINAMICS SM150i, avoid using remote access features that rely on the Sm@rtServer component until the issue is resolved.

Fix

RCE

Weakness Enumeration

Related Identifiers

CVE-2021-27388

Affected Products

Sinamics Sl150
Sinamics Sm150
Sinamics Sm150I