VDB
SSA-894058
SSA-894058
PUBLISHED
CVSS 2.4000000953674316 LOW
Affected devices do not properly limit the bandwidth for incoming network packets over their local USB port. This could allow an attacker with physical access to send specially crafted packets with high bandwidth to the affected devices thus forcing them to exhaust their memory and stop responding to any network traffic via the local USB port. Affected devices reset themselves automatically after a successful attack. The protection function is not affected of this vulnerability.
Risk Scores
CVSS 3.1
2.4000000953674316
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Siemens | SIPROTEC 5 7SK85 (CP300) | |
| Siemens | SIPROTEC 5 7SL86 (CP300) | |
| Siemens | SIPROTEC 5 7SD82 (CP150) | |
| Siemens | SIPROTEC 5 6MD84 (CP300) | |
| Siemens | SIPROTEC 5 7SA87 (CP300) | |
| Siemens | SIPROTEC 5 7SJ86 (CP300) | |
| Siemens | SIPROTEC 5 7SX85 (CP300) | |
| Siemens | SIPROTEC 5 7ST86 (CP300) | |
| Siemens | SIPROTEC 5 6MU85 (CP300) | |
| Siemens | SIPROTEC 5 7SK82 (CP150) | |
| Siemens | SIPROTEC 5 7ST85 (CP300) | |
| Siemens | SIPROTEC 5 7UT87 (CP300) | |
| Siemens | SIPROTEC 5 7UT86 (CP300) | |
| Siemens | SIPROTEC 5 7VE85 (CP300) | |
| Siemens | SIPROTEC 5 7KE85 (CP300) | |
| Siemens | SIPROTEC 5 7VU85 (CP300) | |
| Siemens | SIPROTEC 5 Compact 7SX800 (CP050) | |
| Siemens | SIPROTEC 5 7SD87 (CP300) | |
| Siemens | SIPROTEC 5 7SA86 (CP300) | |
| Siemens | SIPROTEC 5 7SX82 (CP150) |
…and 16 more
Timeline
- Aug 12, 2025 CVE Published
References
- https://cert-portal.siemens.com/productcert/csaf/ssa-894058.json advisory
- https://cert-portal.siemens.com/productcert/html/ssa-894058.html advisory
- https://support.industry.siemens.com/cs/ww/en/view/109814150/ patch
- https://support.industry.siemens.com/cs/ww/en/view/109757433/ patch
- https://support.industry.siemens.com/cs/ww/en/view/109796884/ patch