PT-2024-5283 · Siemens · Siprotec 5

Published

2024-07-09

·

Updated

2024-08-13

·

CVE-2024-38867

CVSS v2.0

7.1

High

VectorAV:N/AC:M/Au:N/C:C/I:N/A:N
Name of the Vulnerable Software and Affected Versions SIPROTEC 5 6MD84 (CP300) versions prior to V9.64 SIPROTEC 5 6MD85 (CP200) versions prior to V9.64 SIPROTEC 5 6MD85 (CP300) versions prior to V9.64 SIPROTEC 5 6MD86 (CP200) versions prior to V9.64 SIPROTEC 5 6MD86 (CP300) versions prior to V9.64 SIPROTEC 5 6MD89 (CP300) versions prior to V9.64 SIPROTEC 5 6MU85 (CP300) versions prior to V9.64 SIPROTEC 5 7KE85 (CP200) versions prior to V9.64 SIPROTEC 5 7KE85 (CP300) versions prior to V9.64 SIPROTEC 5 7SA82 (CP100) versions prior to V9.65 SIPROTEC 5 7SA82 (CP150) versions prior to V9.65 SIPROTEC 5 7SA84 (CP200) versions prior to V9.64 SIPROTEC 5 7SA86 (CP200) versions prior to V9.65 SIPROTEC 5 7SA86 (CP300) versions prior to V9.65 SIPROTEC 5 7SA87 (CP200) versions prior to V9.65 SIPROTEC 5 7SA87 (CP300) versions prior to V9.65 SIPROTEC 5 7SD82 (CP100) versions prior to V9.65 SIPROTEC 5 7SD82 (CP150) versions prior to V9.65 SIPROTEC 5 7SD84 (CP200) versions prior to V9.64 SIPROTEC 5 7SD86 (CP200) versions prior to V9.65 SIPROTEC 5 7SD86 (CP300) versions prior to V9.65 SIPROTEC 5 7SD87 (CP200) versions prior to V9.65 SIPROTEC 5 7SD87 (CP300) versions prior to V9.65 SIPROTEC 5 7SJ81 (CP100) versions prior to V8.89 SIPROTEC 5 7SJ81 (CP150) versions prior to V9.65 SIPROTEC 5 7SJ82 (CP100) versions prior to V8.89 SIPROTEC 5 7SJ82 (CP150) versions prior to V9.65 SIPROTEC 5 7SJ85 (CP200) versions prior to V9.64 SIPROTEC 5 7SJ85 (CP300) versions prior to V9.65 SIPROTEC 5 7SJ86 (CP200) versions prior to V9.64 SIPROTEC 5 7SJ86 (CP300) versions prior to V9.65 SIPROTEC 5 7SK82 (CP100) versions prior to V8.89 SIPROTEC 5 7SK82 (CP150) versions prior to V9.65 SIPROTEC 5 7SK85 (CP200) versions prior to V9.64 SIPROTEC 5 7SK85 (CP300) versions prior to V9.65 SIPROTEC 5 7SL82 (CP100) versions prior to V9.64 SIPROTEC 5 7SL82 (CP150) versions prior to V9.65 SIPROTEC 5 7SL86 (CP200) versions prior to V9.64 SIPROTEC 5 7SL86 (CP300) versions prior to V9.65 SIPROTEC 5 7SL87 (CP200) versions prior to V9.64 SIPROTEC 5 7SL87 (CP300) versions prior to V9.65 SIPROTEC 5 7SS85 (CP200) versions prior to V9.64 SIPROTEC 5 7SS85 (CP300) versions prior to V9.64 SIPROTEC 5 7ST85 (CP200) versions prior to V9.64 SIPROTEC 5 7ST85 (CP300) versions prior to V9.64 SIPROTEC 5 7ST86 (CP300) versions prior to V9.64 SIPROTEC 5 7SX82 (CP150) versions prior to V9.65 SIPROTEC 5 7SX85 (CP300) versions prior to V9.65 SIPROTEC 5 7UM85 (CP300) versions prior to V9.64 SIPROTEC 5 7UT82 (CP100) versions prior to V9.64 SIPROTEC 5 7UT82 (CP150) versions prior to V9.65 SIPROTEC 5 7UT85 (CP200) versions prior to V9.64 SIPROTEC 5 7UT85 (CP300) versions prior to V9.65 SIPROTEC 5 7UT86 (CP200) versions prior to V9.64 SIPROTEC 5 7UT86 (CP300) versions prior to V9.65 SIPROTEC 5 7UT87 (CP200) versions prior to V9.64 SIPROTEC 5 7UT87 (CP300) versions prior to V9.65 SIPROTEC 5 7VE85 (CP300) versions prior to V9.64 SIPROTEC 5 7VK87 (CP200) versions prior to V9.64 SIPROTEC 5 7VK87 (CP300) versions prior to V9.65 SIPROTEC 5 7VU85 (CP300) versions prior to V9.64 SIPROTEC 5 Communication Module ETH-BA-2EL (Rev.1) versions prior to V9.62 SIPROTEC 5 Communication Module ETH-BB-2FO (Rev. 1) versions prior to V9.62 SIPROTEC 5 Compact 7SX800 (CP050) versions prior to V9.64
Description The issue is related to weak ciphers being supported on several ports, including 443/tcp for web, 4443/tcp for DIGSI 5, and a configurable port for syslog over TLS. This could allow an unauthorized attacker in a man-in-the-middle position to decrypt any data passed over to and from those ports. The vulnerability may be exploited by sending specially crafted packets to port 4443/tcp.
Recommendations For SIPROTEC 5 6MD84 (CP300) versions prior to V9.64, update to version V9.64 or later. For SIPROTEC 5 6MD85 (CP200) versions prior to V9.64, update to version V9.64 or later. For SIPROTEC 5 6MD85 (CP300) versions prior to V9.64, update to version V9.64 or later. For SIPROTEC 5 6MD86 (CP200) versions prior to V9.64, update to version V9.64 or later. For SIPROTEC 5 6MD86 (CP300) versions prior to V9.64, update to version V9.64 or later. For SIPROTEC 5 6MD89 (CP300) versions prior to V9.64, update to version V9.64 or later. For SIPROTEC 5 6MU85 (CP300) versions prior to V9.64, update to version V9.64 or later. For SIPROTEC 5 7KE85 (CP200) versions prior to V9.64, update to version V9.64 or later. For SIPROTEC 5 7KE85 (CP300) versions prior to V9.64, update to version V9.64 or later. For SIPROTEC 5 7SA82 (CP100) versions prior to V9.65, update to version V9.65 or later. For SIPROTEC 5 7SA82 (CP150) versions prior to V9.65, update to version V9.65 or later. For SIPROTEC 5 7SA84 (CP200) versions prior to V9.64, update to version V9.64 or later. For SIPROTEC 5 7SA86 (CP200) versions prior to V9.65, update to version V9.65 or later. For SIPROTEC 5 7SA86 (CP300) versions prior to V9.65, update to version V9.65 or later. For SIPROTEC 5 7SA87 (CP200) versions prior to V9.65, update to version V9.65 or later. For SIPROTEC 5 7SA87 (CP300) versions prior to V9.65, update to version V9.65 or later. For SIPROTEC 5 7SD82 (CP100) versions prior to V9.65, update to version V9.65 or later. For SIPROTEC 5 7SD82 (CP150) versions prior to V9.65, update to version V9.65 or later. For SIPROTEC 5 7SD84 (CP200) versions prior to V9.64, update to version V9.64 or later. For SIPROTEC 5 7SD86 (CP200) versions prior to V9.65, update to version V9.65 or later. For SIPROTEC 5 7SD86 (CP300) versions prior to V9.65, update to version V9.65 or later. For SIPROTEC 5 7SD87 (CP200) versions prior to V9.65, update to version V9.65 or later. For SIPROTEC 5 7SD87 (CP300) versions prior to V9.65, update to version V9.65 or later. For SIPROTEC 5 7SJ81 (CP100) versions prior to V8.89, update to version V8.89 or later. For SIPROTEC 5 7SJ81 (CP150) versions prior to V9.65, update to version V9.65 or later. For SIPROTEC 5 7SJ82 (CP100) versions prior to V8.89, update to version V8.89 or later. For SIPROTEC 5 7SJ82 (CP150) versions prior to V9.65, update to version V9.65 or later. For SIPROTEC 5 7SJ85 (CP200) versions prior to V9.64, update to version V9.64 or later. For SIPROTEC 5 7SJ85 (CP300) versions prior to V9.65, update to version V9.65 or later. For SIPROTEC 5 7SJ86 (CP200) versions prior to V9.64, update to version V9.64 or later. For SIPROTEC 5 7SJ86 (CP300) versions prior to V9.65, update to version V9.65 or later. For SIPROTEC 5 7SK82 (CP100) versions prior to V8.89, update to version V8.89 or later. For SIPROTEC 5 7SK82 (CP150) versions prior to V9.65, update to version V9.65 or later. For SIPROTEC 5 7SK85 (CP200) versions prior to V9.64, update to version V9.64 or later. For SIPROTEC 5 7SK85 (CP300) versions prior to V9.65, update to version V9.65 or later. For SIPROTEC 5 7SL82 (CP100) versions prior to V9.64, update to version V9.64 or later. For SIPROTEC 5 7SL82 (CP150) versions prior to V9.65, update to version V9.65 or later. For SIPROTEC 5 7SL86 (CP200) versions prior to V9.64, update to version V9.64 or later. For SIPROTEC 5 7SL86 (CP300) versions prior to V9.65, update to version V9.65 or later. For SIPROTEC 5 7SL87 (CP200) versions prior to V9.64, update to version V9.64 or later. For SIPROTEC 5 7SL87 (CP300) versions prior to V9.65, update to version V9.65 or later. For SIPROTEC 5 7SS85 (CP200) versions prior to V9.64, update to version V9.64 or later. For SIPROTEC 5 7SS85 (CP300) versions prior to V9.64, update to version V9.64 or later. For SIPROTEC 5 7ST85 (CP200) versions prior to V9.64, update to version V9.64 or later. For SIPROTEC 5 7ST85 (CP300) versions prior to V9.64, update to version V9.64 or later. For SIPROTEC 5 7ST86 (CP300) versions prior to V9.64, update to version V9.64 or later. For SIPROTEC 5 7SX82 (CP150) versions prior to V9.65, update to version V9.65 or later. For SIPROTEC 5 7SX85 (CP300) versions prior to V9.65, update to version V9.65 or later. For SIPROTEC 5 7UM85 (CP300) versions prior to V9.64, update to version V9.64 or later. For SIPROTEC 5 7UT82 (CP100) versions prior to V9.64, update to version V9.64 or later. For SIPROTEC 5 7UT82 (CP150) versions prior to V9.65, update to version V9.65 or later. For SIPROTEC 5 7UT85 (CP200) versions prior to V9.64, update to version V9.64 or later. For SIPROTEC 5 7UT85 (CP300) versions prior to V9.65, update to version V9.65 or later. For SIPROTEC 5 7UT86 (CP200) versions prior to V9.64, update to version V9.64 or later. For SIPROTEC 5 7UT86 (CP300) versions prior to V9.65, update to version V9.65 or later. For SIPROTEC 5 7UT87 (CP200) versions prior to V9.64, update to version V9.64 or later. For SIPROTEC 5 7UT87 (CP300) versions prior to V9.65, update to version V9.65 or later. For SIPROTEC 5 7VE85 (CP300) versions prior to V9.64, update to version V9.64 or later. For SIPROTEC 5 7VK87 (CP200) versions prior to V9.64, update to version V9.64 or later. For SIPROTEC 5 7VK87 (CP300) versions prior to V9.65, update to version V9.65 or later. For SIPROTEC 5 7VU85 (CP300) versions prior to V9.64, update to version V9.64 or later. For SIPROTEC 5 Communication Module ETH-BA-2EL (Rev.1) versions prior to V9.62, update to version V9.62 or later. For SIPROTEC 5 Communication Module ETH-BB-2FO (Rev. 1) versions prior to V9.62, update to version V9.62 or later. For SIPROTEC 5 Compact 7SX800 (CP050) versions prior to V9.64, update to version V9.64 or later.

Fix

Inadequate Encryption Strength

Weakness Enumeration

CWE-326

Related Identifiers

BDU:2024-05902
CVE-2024-38867

Affected Products

Siprotec 5