fkie_cve-2025-40570
Vulnerability from fkie_nvd
Published
2025-08-12 12:15
Modified
2025-08-12 14:25
Severity ?
2.4 (Low) - CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Summary
A vulnerability has been identified in SIPROTEC 5 6MD84 (CP300) (All versions < V10.0), SIPROTEC 5 6MD85 (CP300) (All versions >= V7.80 < V10.0), SIPROTEC 5 6MD86 (CP300) (All versions >= V7.80 < V10.0), SIPROTEC 5 6MD89 (CP300) (All versions >= V7.80 < V10.0), SIPROTEC 5 6MU85 (CP300) (All versions >= V7.80 < V10.0), SIPROTEC 5 7KE85 (CP300) (All versions >= V7.80 < V10.0), SIPROTEC 5 7SA82 (CP150) (All versions < V10.0), SIPROTEC 5 7SA86 (CP300) (All versions >= V7.80 < V10.0), SIPROTEC 5 7SA87 (CP300) (All versions >= V7.80 < V10.0), SIPROTEC 5 7SD82 (CP150) (All versions < V10.0), SIPROTEC 5 7SD86 (CP300) (All versions >= V7.80 < V10.0), SIPROTEC 5 7SD87 (CP300) (All versions >= V7.80 < V10.0), SIPROTEC 5 7SJ81 (CP150) (All versions < V10.0), SIPROTEC 5 7SJ82 (CP150) (All versions < V10.0), SIPROTEC 5 7SJ85 (CP300) (All versions >= V7.80 < V10.0), SIPROTEC 5 7SJ86 (CP300) (All versions >= V7.80 < V10.0), SIPROTEC 5 7SK82 (CP150) (All versions < V10.0), SIPROTEC 5 7SK85 (CP300) (All versions >= V7.80 < V10.0), SIPROTEC 5 7SL82 (CP150) (All versions < V10.0), SIPROTEC 5 7SL86 (CP300) (All versions >= V7.80 < V10.0), SIPROTEC 5 7SL87 (CP300) (All versions >= V7.80 < V10.0), SIPROTEC 5 7SS85 (CP300) (All versions >= V7.80 < V10.0), SIPROTEC 5 7ST85 (CP300) (All versions < V10.0), SIPROTEC 5 7ST86 (CP300) (All versions < V10.0), SIPROTEC 5 7SX82 (CP150) (All versions < V10.0), SIPROTEC 5 7SX85 (CP300) (All versions < V10.0), SIPROTEC 5 7SY82 (CP150) (All versions < V10.0), SIPROTEC 5 7UM85 (CP300) (All versions >= V7.80 < V10.0), SIPROTEC 5 7UT82 (CP150) (All versions < V10.0), SIPROTEC 5 7UT85 (CP300) (All versions >= V7.80 < V10.0), SIPROTEC 5 7UT86 (CP300) (All versions >= V7.80 < V10.0), SIPROTEC 5 7UT87 (CP300) (All versions >= V7.80 < V10.0), SIPROTEC 5 7VE85 (CP300) (All versions >= V7.80 < V10.0), SIPROTEC 5 7VK87 (CP300) (All versions >= V7.80 < V10.0), SIPROTEC 5 7VU85 (CP300) (All versions < V10.0), SIPROTEC 5 Compact 7SX800 (CP050) (All versions < V10.0). Affected devices do not properly limit the bandwidth for incoming network packets over their local USB port. This could allow an attacker with physical access to send specially crafted packets with high bandwidth to the affected devices thus forcing them to exhaust their memory and stop responding to any network traffic via the local USB port. Affected devices reset themselves automatically after a successful attack. The protection function is not affected of this vulnerability.
References
productcert@siemens.comhttps://cert-portal.siemens.com/productcert/html/ssa-894058.html
Impacted products
Vendor Product Version


To clipboard 

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability has been identified in SIPROTEC 5 6MD84 (CP300) (All versions \u003c V10.0), SIPROTEC 5 6MD85 (CP300) (All versions \u003e= V7.80 \u003c V10.0), SIPROTEC 5 6MD86 (CP300) (All versions \u003e= V7.80 \u003c V10.0), SIPROTEC 5 6MD89 (CP300) (All versions \u003e= V7.80 \u003c V10.0), SIPROTEC 5 6MU85 (CP300) (All versions \u003e= V7.80 \u003c V10.0), SIPROTEC 5 7KE85 (CP300) (All versions \u003e= V7.80 \u003c V10.0), SIPROTEC 5 7SA82 (CP150) (All versions \u003c V10.0), SIPROTEC 5 7SA86 (CP300) (All versions \u003e= V7.80 \u003c V10.0), SIPROTEC 5 7SA87 (CP300) (All versions \u003e= V7.80 \u003c V10.0), SIPROTEC 5 7SD82 (CP150) (All versions \u003c V10.0), SIPROTEC 5 7SD86 (CP300) (All versions \u003e= V7.80 \u003c V10.0), SIPROTEC 5 7SD87 (CP300) (All versions \u003e= V7.80 \u003c V10.0), SIPROTEC 5 7SJ81 (CP150) (All versions \u003c V10.0), SIPROTEC 5 7SJ82 (CP150) (All versions \u003c V10.0), SIPROTEC 5 7SJ85 (CP300) (All versions \u003e= V7.80 \u003c V10.0), SIPROTEC 5 7SJ86 (CP300) (All versions \u003e= V7.80 \u003c V10.0), SIPROTEC 5 7SK82 (CP150) (All versions \u003c V10.0), SIPROTEC 5 7SK85 (CP300) (All versions \u003e= V7.80 \u003c V10.0), SIPROTEC 5 7SL82 (CP150) (All versions \u003c V10.0), SIPROTEC 5 7SL86 (CP300) (All versions \u003e= V7.80 \u003c V10.0), SIPROTEC 5 7SL87 (CP300) (All versions \u003e= V7.80 \u003c V10.0), SIPROTEC 5 7SS85 (CP300) (All versions \u003e= V7.80 \u003c V10.0), SIPROTEC 5 7ST85 (CP300) (All versions \u003c V10.0), SIPROTEC 5 7ST86 (CP300) (All versions \u003c V10.0), SIPROTEC 5 7SX82 (CP150) (All versions \u003c V10.0), SIPROTEC 5 7SX85 (CP300) (All versions \u003c V10.0), SIPROTEC 5 7SY82 (CP150) (All versions \u003c V10.0), SIPROTEC 5 7UM85 (CP300) (All versions \u003e= V7.80 \u003c V10.0), SIPROTEC 5 7UT82 (CP150) (All versions \u003c V10.0), SIPROTEC 5 7UT85 (CP300) (All versions \u003e= V7.80 \u003c V10.0), SIPROTEC 5 7UT86 (CP300) (All versions \u003e= V7.80 \u003c V10.0), SIPROTEC 5 7UT87 (CP300) (All versions \u003e= V7.80 \u003c V10.0), SIPROTEC 5 7VE85 (CP300) (All versions \u003e= V7.80 \u003c V10.0), SIPROTEC 5 7VK87 (CP300) (All versions \u003e= V7.80 \u003c V10.0), SIPROTEC 5 7VU85 (CP300) (All versions \u003c V10.0), SIPROTEC 5 Compact 7SX800 (CP050) (All versions \u003c V10.0). Affected devices do not properly limit the bandwidth for incoming network packets over their local USB port. This could allow an attacker with physical access to send specially crafted packets with high bandwidth to the affected devices thus forcing them to exhaust their memory and stop responding to any network traffic via the local USB port. Affected devices reset themselves automatically after a successful attack. The protection function is not affected of this vulnerability."
    },
    {
      "lang": "es",
      "value": "Se ha identificado una vulnerabilidad en SIPROTEC 5 6MD84 (CP300) (Todas las versiones \u0026lt; V10.0), SIPROTEC 5 6MD85 (CP300) (Todas las versiones \u0026gt;= V7.80 \u0026lt; V10.0), SIPROTEC 5 6MD86 (CP300) (Todas las versiones \u0026gt;= V7.80 \u0026lt; V10.0), SIPROTEC 5 6MD89 (CP300) (Todas las versiones \u0026gt;= V7.80 \u0026lt; V10.0), SIPROTEC 5 6MU85 (CP300) (Todas las versiones \u0026gt;= V7.80 \u0026lt; V10.0), SIPROTEC 5 7KE85 (CP300) (Todas las versiones \u0026gt;= V7.80 \u0026lt; V10.0), SIPROTEC 5 7SA82 (CP150) (Todas las versiones \u0026lt; V10.0), SIPROTEC 5 7SA86 (CP300) (Todas las versiones \u0026gt;= V7.80 \u0026lt; V10.0), SIPROTEC 5 7SA87 (CP300) (Todas las versiones \u0026gt;= V7.80 \u0026lt; V10.0), SIPROTEC 5 7SD82 (CP150) (Todas las versiones \u0026lt; V10.0), SIPROTEC 5 7SD86 (CP300) (Todas las versiones \u0026gt;= V7.80 \u0026lt; V10.0), SIPROTEC 5 7SD87 (CP300) (Todas las versiones \u0026gt;= V7.80 \u0026lt; V10.0), SIPROTEC 5 7SJ81 (CP150) (Todas las versiones \u0026lt; V10.0), SIPROTEC 5 7SJ82 (CP150) (Todas las versiones \u0026lt; V10.0), SIPROTEC 5 7SJ85 (CP300) (Todas las versiones \u0026gt;= V7.80 \u0026lt; V10.0), SIPROTEC 5 7SJ86 (CP300) (Todas las versiones versiones \u0026gt;= V7.80 \u0026lt; V10.0), SIPROTEC 5 7SK82 (CP150) (Todas las versiones \u0026lt; V10.0), SIPROTEC 5 7SK85 (CP300) (Todas las versiones \u0026gt;= V7.80 \u0026lt; V10.0), SIPROTEC 5 7SL82 (CP150) (Todas las versiones \u0026lt; V10.0), SIPROTEC 5 7SL86 (CP300) (Todas las versiones \u0026gt;= V7.80 \u0026lt; V10.0), SIPROTEC 5 7SL87 (CP300) (Todas las versiones \u0026gt;= V7.80 \u0026lt; V10.0), SIPROTEC 5 7SS85 (CP300) (Todas las versiones \u0026gt;= V7.80 \u0026lt; V10.0), SIPROTEC 5 7ST85 (CP300) (Todas las versiones \u0026lt; V10.0), SIPROTEC 5 7ST86 (CP300) (Todas las versiones \u0026lt; V10.0), SIPROTEC 5 7SX82 (CP150) (Todas las versiones \u0026lt; V10.0), SIPROTEC 5 7SX85 (CP300) (Todas las versiones \u0026lt; V10.0), SIPROTEC 5 7SY82 (CP150) (Todas las versiones \u0026lt; V10.0), SIPROTEC 5 7UM85 (CP300) (Todas las versiones \u0026gt;= V7.80 \u0026lt; V10.0), SIPROTEC 5 7UT82 (CP150) (Todas las versiones \u0026lt; V10.0), SIPROTEC 5 7UT85 (CP300) (Todas las versiones \u0026gt;= V7.80 \u0026lt; V10.0), SIPROTEC 5 7UT86 (CP300) (Todas las versiones \u0026gt;= V7.80 \u0026lt; V10.0), SIPROTEC 5 7UT87 (CP300) (Todas las versiones \u0026gt;= V7.80 \u0026lt; V10.0), SIPROTEC 5 7VE85 (CP300) (Todas las versiones \u0026gt;= V7.80 \u0026lt; V10.0), SIPROTEC 5 7VK87 (CP300) (Todas las versiones \u0026gt;= V7.80 \u0026lt; V10.0), SIPROTEC 5 7VU85 (CP300) (Todas las versiones \u0026lt; V10.0), SIPROTEC 5 Compact 7SX800 (CP050) (Todas las versiones \u0026lt; V10.0). Los dispositivos afectados no limitan correctamente el ancho de banda para los paquetes de red entrantes a trav\u00e9s de su puerto USB local. Esto podr\u00eda permitir que un atacante con acceso f\u00edsico env\u00ede paquetes especialmente manipulados con un alto ancho de banda a los dispositivos afectados, oblig\u00e1ndolos a agotar su memoria y a dejar de responder al tr\u00e1fico de red a trav\u00e9s del puerto USB local. Los dispositivos afectados se reinician autom\u00e1ticamente tras un ataque exitoso. La funci\u00f3n de protecci\u00f3n no se ve afectada por esta vulnerabilidad."
    }
  ],
  "id": "CVE-2025-40570",
  "lastModified": "2025-08-12T14:25:33.177",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "PHYSICAL",
          "availabilityImpact": "LOW",
          "baseScore": 2.4,
          "baseSeverity": "LOW",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
          "version": "3.1"
        },
        "exploitabilityScore": 0.9,
        "impactScore": 1.4,
        "source": "productcert@siemens.com",
        "type": "Primary"
      }
    ],
    "cvssMetricV40": [
      {
        "cvssData": {
          "Automatable": "NOT_DEFINED",
          "Recovery": "NOT_DEFINED",
          "Safety": "NOT_DEFINED",
          "attackComplexity": "LOW",
          "attackRequirements": "NONE",
          "attackVector": "PHYSICAL",
          "availabilityRequirement": "NOT_DEFINED",
          "baseScore": 2.4,
          "baseSeverity": "LOW",
          "confidentialityRequirement": "NOT_DEFINED",
          "exploitMaturity": "NOT_DEFINED",
          "integrityRequirement": "NOT_DEFINED",
          "modifiedAttackComplexity": "NOT_DEFINED",
          "modifiedAttackRequirements": "NOT_DEFINED",
          "modifiedAttackVector": "NOT_DEFINED",
          "modifiedPrivilegesRequired": "NOT_DEFINED",
          "modifiedSubAvailabilityImpact": "NOT_DEFINED",
          "modifiedSubConfidentialityImpact": "NOT_DEFINED",
          "modifiedSubIntegrityImpact": "NOT_DEFINED",
          "modifiedUserInteraction": "NOT_DEFINED",
          "modifiedVulnAvailabilityImpact": "NOT_DEFINED",
          "modifiedVulnConfidentialityImpact": "NOT_DEFINED",
          "modifiedVulnIntegrityImpact": "NOT_DEFINED",
          "privilegesRequired": "NONE",
          "providerUrgency": "NOT_DEFINED",
          "subAvailabilityImpact": "NONE",
          "subConfidentialityImpact": "NONE",
          "subIntegrityImpact": "NONE",
          "userInteraction": "NONE",
          "valueDensity": "NOT_DEFINED",
          "vectorString": "CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
          "version": "4.0",
          "vulnAvailabilityImpact": "LOW",
          "vulnConfidentialityImpact": "NONE",
          "vulnIntegrityImpact": "NONE",
          "vulnerabilityResponseEffort": "NOT_DEFINED"
        },
        "source": "productcert@siemens.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2025-08-12T12:15:35.387",
  "references": [
    {
      "source": "productcert@siemens.com",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-894058.html"
    }
  ],
  "sourceIdentifier": "productcert@siemens.com",
  "vulnStatus": "Awaiting Analysis",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-770"
        }
      ],
      "source": "productcert@siemens.com",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.