PT-2021-21574 · Siemens · Siprotec 5
Published
2021-09-14
·
Updated
2021-12-14
·
CVE-2021-37206
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
SIPROTEC 5 relays with CPU variants CP050 versions prior to V8.80
SIPROTEC 5 relays with CPU variants CP100 versions prior to V8.80
SIPROTEC 5 relays with CPU variants CP200 versions prior to V8.80
SIPROTEC 5 relays with CPU variants CP300 versions prior to V8.80
Description
A vulnerability has been identified where received webpackets are not properly processed. An unauthenticated remote attacker with access to any of the Ethernet interfaces could send specially crafted packets to force a restart of the target device.
Recommendations
For SIPROTEC 5 relays with CPU variants CP050 versions prior to V8.80, update to version V8.80 or later.
For SIPROTEC 5 relays with CPU variants CP100 versions prior to V8.80, update to version V8.80 or later.
For SIPROTEC 5 relays with CPU variants CP200 versions prior to V8.80, update to version V8.80 or later.
For SIPROTEC 5 relays with CPU variants CP300 versions prior to V8.80, update to version V8.80 or later.
As a temporary workaround, consider restricting access to the Ethernet interfaces to minimize the risk of exploitation.
Fix
RCE
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Siprotec 5