VDB
CVE-2021-37206
CVE-2021-37206
PUBLISHED
CVSS 7.5 HIGH
A vulnerability has been identified in SIPROTEC 5 relays with CPU variants CP050 (All versions < V8.80), SIPROTEC 5 relays with CPU variants CP100 (All versions < V8.80), SIPROTEC 5 relays with CPU variants CP300 (All versions < V8.80). Received webpackets are not properly processed. An unauthenticated remote attacker with access to any of the Ethernet interfaces could send specially crafted packets to force a restart of the target device.
EPSS 0.58% · 69.2th percentile
Risk Scores
CVSS 3.1
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS Score
0.58%
69.2th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| siemens | siprotec_5_with_cpu_variant_cp300 | 0 |
| Siemens | SIPROTEC 5 relays with CPU variants CP050 | All versions < V8.80 |
| Siemens | SIPROTEC 5 relays with CPU variants CP100 | All versions < V8.80 |
| siemens | siprotec_5_with_cpu_variant_cp050 | 0 |
| siemens | siprotec_5_with_cpu_variant_cp100 | 0 |
| Siemens | SIPROTEC 5 relays with CPU variants CP300 | All versions < V8.80 |
Exploit Intelligence
- This proof-of-concept script exploits a vulnerability in OpenSSH versions prior to 7.4 (CVE-2016-10708) by sending unexpected `SSH_MSG_NEWKEYS` packets. (github-poc)
- This proof-of-concept script exploits a vulnerability in OpenSSH versions prior to 7.4 (CVE-2016-10708) by sending unexpected `SSH_MSG_NEWKEYS` packets. (github-poc)
- This proof-of-concept script exploits a vulnerability in OpenSSH versions prior to 7.4 (CVE-2016-10708) by sending unexpected `SSH_MSG_NEWKEYS` packets. (github-poc)
- This proof-of-concept script exploits a vulnerability in OpenSSH versions prior to 7.4 (CVE-2016-10708) by sending unexpected `SSH_MSG_NEWKEYS` packets. (github-poc)
- This proof-of-concept script exploits a vulnerability in OpenSSH versions prior to 7.4 (CVE-2016-10708) by sending unexpected `SSH_MSG_NEWKEYS` packets. (github-poc)
- https://cert-portal.siemens.com/productcert/pdf/ssa-500748.pdf (circl)
Timeline
- Apr 13, 2021 CVE Published
- Sep 15, 2021 EPSS Score
- Oct 5, 2021 EPSS Score
- Nov 11, 2021 EPSS Score
- Jan 6, 2022 EPSS Score
- Jan 8, 2022 EPSS Score
- Feb 4, 2022 EPSS Score
- Apr 1, 2022 EPSS Score
- May 3, 2022 EPSS Score
- Jun 29, 2022 EPSS Score
- Aug 27, 2022 EPSS Score
- Dec 20, 2022 EPSS Score
References
- https://cert-portal.siemens.com/productcert/pdf/ssa-847986.pdf advisory
- https://cert-portal.siemens.com/productcert/pdf/ssa-549234.pdf advisory
- https://cert-portal.siemens.com/productcert/pdf/ssa-208530.pdf advisory
- https://cert-portal.siemens.com/productcert/pdf/ssa-288459.pdf advisory
- https://cert-portal.siemens.com/productcert/pdf/ssa-987403.pdf advisory
- https://cert-portal.siemens.com/productcert/pdf/ssa-535380.pdf advisory
- https://cert-portal.siemens.com/productcert/pdf/ssa-334944.pdf advisory
- https://cert-portal.siemens.com/productcert/pdf/ssa-676336.pdf advisory
- https://cert-portal.siemens.com/productcert/pdf/ssa-997732.pdf advisory
- https://cert-portal.siemens.com/productcert/pdf/ssa-835377.pdf advisory
- https://cert-portal.siemens.com/productcert/pdf/ssa-109294.pdf advisory
- https://cert-portal.siemens.com/productcert/pdf/ssa-453715.pdf advisory
- https://cert-portal.siemens.com/productcert/pdf/ssa-692317.pdf advisory
- https://cert-portal.siemens.com/productcert/pdf/ssa-756638.pdf advisory
- https://cert-portal.siemens.com/productcert/pdf/ssa-316383.pdf advisory
- https://cert-portal.siemens.com/productcert/pdf/ssa-330339.pdf advisory
- https://cert-portal.siemens.com/productcert/pdf/ssa-500748.pdf advisory
- https://cert-portal.siemens.com/productcert/pdf/ssa-535997.pdf advisory
- https://cert-portal.siemens.com/productcert/pdf/ssa-150692.pdf advisory
- https://cert-portal.siemens.com/productcert/pdf/ssa-413407.pdf advisory
…and 2 more