CVE-2021-37206
 
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
A vulnerability has been identified in SIPROTEC 5 relays with CPU variants CP050 (All versions < V8.80), SIPROTEC 5 relays with CPU variants CP100 (All versions < V8.80), SIPROTEC 5 relays with CPU variants CP300 (All versions < V8.80). Received webpackets are not properly processed. An unauthenticated remote attacker with access to any of the Ethernet interfaces could send specially crafted packets to force a restart of the target device.
Se ha identificado una vulnerabilidad en los relés SIPROTEC 5 con variantes de CPUCP050 (Todas las versiones anteriores a V8.80), relés SIPROTEC 5 con variantes de CPUCP100 (Todas las versiones anteriores a V8.80), relés SIPROTEC 5 con variantes de CPUCP300 (Todas las versiones anteriores a V8.80). Los paquetes web recibidos no se procesan correctamente. Un atacante remoto no autenticado con acceso a cualquiera de las interfaces Ethernet podría enviar paquetes especialmente diseñados para forzar el reinicio del dispositivo de destino
CVSS Scores
SSVC
- Decision:-
Timeline
- 2021-07-21 CVE Reserved
- 2021-09-14 CVE Published
- 2024-05-30 EPSS Updated
- 2024-08-04 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-20: Improper Input Validation
CAPEC
References (1)
URL | Tag | Source |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
https://cert-portal.siemens.com/productcert/pdf/ssa-500748.pdf | 2021-12-14 |
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Siemens Search vendor "Siemens" | Siprotec 5 With Cpu Variant Cp050 Search vendor "Siemens" for product "Siprotec 5 With Cpu Variant Cp050" | < 8.80 Search vendor "Siemens" for product "Siprotec 5 With Cpu Variant Cp050" and version " < 8.80" | - |
Affected
| ||||||
Siemens Search vendor "Siemens" | Siprotec 5 With Cpu Variant Cp100 Search vendor "Siemens" for product "Siprotec 5 With Cpu Variant Cp100" | < 8.80 Search vendor "Siemens" for product "Siprotec 5 With Cpu Variant Cp100" and version " < 8.80" | - |
Affected
| ||||||
Siemens Search vendor "Siemens" | Siprotec 5 With Cpu Variant Cp300 Search vendor "Siemens" for product "Siprotec 5 With Cpu Variant Cp300" | < 8.80 Search vendor "Siemens" for product "Siprotec 5 With Cpu Variant Cp300" and version " < 8.80" | - |
Affected
|