CVE-2024-52504

Name of the Vulnerable Software and Affected Versions: SIPROTEC 4 6MD61 (affected versions not specified) SIPROTEC 4 6MD63 (affected versions not specified) SIPROTEC 4 6MD66 (affected versions not specified) SIPROTEC 4 6MD665 (affected versions not specified) SIPROTEC 4 7SA522 (affected versions not specified) SIPROTEC 4 7SA6 versions prior to 4.78 SIPROTEC 4 7SD5 versions prior to 4.78 SIPROTEC 4 7SD610 versions prior to 4.78 SIPROTEC 4 7SJ61 (affected versions not specified) SIPROTEC 4 7SJ62 (affected versions not specified) SIPROTEC 4 7SJ63 (affected versions not specified) SIPROTEC 4 7SJ64 (affected versions not specified) SIPROTEC 4 7SJ66 (affected versions not specified) SIPROTEC 4 7SS52 (affected versions not specified) SIPROTEC 4 7ST6 (affected versions not specified) SIPROTEC 4 7UM61 (affected versions not specified) SIPROTEC 4 7UM62 (affected versions not specified) SIPROTEC 4 7UT612 (affected versions not specified) SIPROTEC 4 7UT613 (affected versions not specified) SIPROTEC 4 7UT63 (affected versions not specified) SIPROTEC 4 7VE6 (affected versions not specified) SIPROTEC 4 7VK61 (affected versions not specified) SIPROTEC 4 7VU683 (affected versions not specified) SIPROTEC 4 Compact 7RW80 (affected versions not specified) SIPROTEC 4 Compact 7SD80 (affected versions not specified) SIPROTEC 4 Compact 7SJ80 (affected versions not specified) SIPROTEC 4 Compact 7SJ81 (affected versions not specified) SIPROTEC 4 Compact 7SK80 (affected versions not specified) SIPROTEC 4 Compact 7SK81 (affected versions not specified)

Description: The devices do not properly handle interrupted operations of file transfer, which could allow a remote attacker to cause a denial of service condition. A restart of the devices is required to restore normal operations.

Recommendations: SIPROTEC 4 7SA6 versions prior to 4.78: Update to version 4.78 or later. SIPROTEC 4 7SD5 versions prior to 4.78: Update to version 4.78 or later. SIPROTEC 4 7SD610 versions prior to 4.78: Update to version 4.78 or later. All other affected versions: At the moment, there is no information about a newer version that contains a fix for this vulnerability.