VDB
SSA-750499
SSA-750499
PUBLISHED
CVSS 5.900000095367432 MEDIUM
The affected devices are supporting weak ciphers on several ports (443/tcp for web, 4443/tcp for DIGSI 5 and configurable port for syslog over TLS). This could allow an unauthorized attacker in a man-in-the-middle position to decrypt any data passed over to and from those ports.
Risk Scores
CVSS v3.1
5.900000095367432
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Siemens | SIPROTEC 5 7UT87 (CP200) | |
| Siemens | SIPROTEC 5 6MD86 (CP300) | |
| Siemens | SIPROTEC 5 7SL86 (CP300) | |
| Siemens | SIPROTEC 5 7SL87 (CP200) | |
| Siemens | SIPROTEC 5 7UT87 (CP300) | |
| Siemens | SIPROTEC 5 7UT86 (CP300) | |
| Siemens | SIPROTEC 5 6MD85 (CP300) | |
| Siemens | SIPROTEC 5 7SD86 (CP300) | |
| Siemens | SIPROTEC 5 7SJ85 (CP200) | |
| Siemens | SIPROTEC 5 7ST85 (CP300) | |
| Siemens | SIPROTEC 5 7SA86 (CP200) | |
| Siemens | SIPROTEC 5 Communication Module ETH-BA-2EL (Rev.1) | |
| Siemens | SIPROTEC 5 7SA82 (CP150) | |
| Siemens | SIPROTEC 5 6MD86 (CP200) | |
| Siemens | SIPROTEC 5 6MU85 (CP300) | |
| Siemens | SIPROTEC 5 7SD87 (CP300) | |
| Siemens | SIPROTEC 5 7SL82 (CP150) | |
| Siemens | SIPROTEC 5 7SX82 (CP150) | |
| Siemens | SIPROTEC 5 6MD84 (CP300) | |
| Siemens | SIPROTEC 5 7SJ81 (CP100) |
…and 45 more
Timeline
- Jul 9, 2024 CVE Published
- Nov 11, 2025 CVE Updated
References
- https://cert-portal.siemens.com/productcert/csaf/ssa-750499.json advisory
- https://cert-portal.siemens.com/productcert/html/ssa-750499.html advisory
- https://support.industry.siemens.com/cs/ww/en/view/109740816/ patch
- https://support.industry.siemens.com/cs/ww/en/view/109814150/ patch
- https://support.industry.siemens.com/cs/ww/en/view/109796884/ patch
- https://support.industry.siemens.com/cs/ww/en/view/109757433/ patch