SSA-345750 — Vulnetix

SSA-345750 PUBLISHED CVSS 9.899999618530273 CRITICAL

Energy Services from Siemens (previously known as Managed Applications and Services), sell solutions using Elspec G5 Digital Fault Recorder which contains default credentials with admin privileges. A client configuration with remote access could allow an attacker to gain remote control of the G5DFR component and tamper outputs from the device.

Risk Scores

CVSS 3.1

9.899999618530273

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:L

Affected Products

Vendor	Product	Versions
	Energy Services

Exploit Intelligence

https://cert-portal.siemens.com/productcert/html/ssa-345750.html (circl)
https://cert-portal.siemens.com/productcert/csaf/ssa-345750.json (circl)

Timeline

Jun 10, 2025 CVE Published
Jun 16, 2025 CVE Updated

References

https://cert-portal.siemens.com/productcert/html/ssa-345750.html advisory
https://cert-portal.siemens.com/productcert/csaf/ssa-345750.json advisory

Open in Interactive Console →