VDB
SSA-439673
SSA-439673
PUBLISHED
CVSS 6.5 MEDIUM
An information disclosure vulnerability in SIPROTEC 5 products could allow an unauthenticated attacker to read device information. Only devices with the hardware variants CP050, CP100 and CP300 are affected. The DIGSI engineering tool can be used to identify the hardware version of your devices. Siemens has released updates for the affected products and recommends to update to the latest versions.
Risk Scores
CVSS 3.1
6.5
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| SIPROTEC 5 7SJ85 devices (CPU variant CP300) | ||
| SIPROTEC 5 6MD85 devices (CPU variant CP300) | ||
| SIPROTEC 5 7SL86 devices (CPU variant CP300) | ||
| SIPROTEC 5 7SL87 devices (CPU variant CP300) | ||
| SIPROTEC 5 7SD86 devices (CPU variant CP300) | ||
| SIPROTEC 5 7SJ82 devices (CPU variant CP100) | ||
| SIPROTEC 5 7SK82 devices (CPU variant CP100) | ||
| SIPROTEC 5 7SK85 devices (CPU variant CP300) | ||
| SIPROTEC 5 7SL82 devices (CPU variant CP100) | ||
| SIPROTEC 5 6MD86 devices (CPU variant CP300) | ||
| SIPROTEC 5 6MU85 devices (CPU variant CP300) | ||
| SIPROTEC 5 7SA82 devices (CPU variant CP100) | ||
| SIPROTEC 5 7SD87 devices (CPU variant CP300) | ||
| SIPROTEC 5 7SA86 devices (CPU variant CP300) | ||
| SIPROTEC 5 6MD89 devices (CPU variant CP300) | ||
| SIPROTEC 5 7KE85 devices (CPU variant CP300) | ||
| SIPROTEC 5 7SD82 devices (CPU variant CP100) | ||
| SIPROTEC 5 7SJ86 devices (CPU variant CP300) | ||
| SIPROTEC 5 7SA87 devices (CPU variant CP300) | ||
| SIPROTEC 5 7SJ81 devices (CPU variant CP100) |
Exploit Intelligence
Timeline
- CVE Published