Action not permitted
Modal body text goes here.
Modal Title
Modal Body
wid-sec-w-2025-1768
Vulnerability from csaf_certbund
Published
2025-08-12 22:00
Modified
2025-08-12 22:00
Summary
Siemens SIPROTEC: Mehrere Schwachstellen ermöglichen Denial of Service
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
SIPROTEC ist eine Serie von Netzschutzgeräten.
Angriff
Ein entfernter, anonymer Angreifer oder ein Angreifer mit physischem Zugriff kann mehrere Schwachstellen in Siemens SIPROTEC ausnutzen, um einen Denial of Service Angriff durchzuführen.
Betroffene Betriebssysteme
- Appliance
{ "document": { "aggregate_severity": { "text": "mittel" }, "category": "csaf_base", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "de-DE", "notes": [ { "category": "legal_disclaimer", "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen." }, { "category": "description", "text": "SIPROTEC ist eine Serie von Netzschutzger\u00e4ten.", "title": "Produktbeschreibung" }, { "category": "summary", "text": "Ein entfernter, anonymer Angreifer oder ein Angreifer mit physischem Zugriff kann mehrere Schwachstellen in Siemens SIPROTEC ausnutzen, um einen Denial of Service Angriff durchzuf\u00fchren.", "title": "Angriff" }, { "category": "general", "text": "- Appliance", "title": "Betroffene Betriebssysteme" } ], "publisher": { "category": "other", "contact_details": "csaf-provider@cert-bund.de", "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik", "namespace": "https://www.bsi.bund.de" }, "references": [ { "category": "self", "summary": "WID-SEC-W-2025-1768 - CSAF Version", "url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-1768.json" }, { "category": "self", "summary": "WID-SEC-2025-1768 - Portal Version", "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1768" }, { "category": "external", "summary": "Siemens Security Advisory SSA-400089 vom 2025-08-12", "url": "https://cert-portal.siemens.com/productcert/html/ssa-400089.html" }, { "category": "external", "summary": "Siemens Security Advisory SSA-894058 V1.0 vom 2025-08-12", "url": "https://cert-portal.siemens.com/productcert/html/ssa-894058.html" } ], "source_lang": "en-US", "title": "Siemens SIPROTEC: Mehrere Schwachstellen erm\u00f6glichen Denial of Service", "tracking": { "current_release_date": "2025-08-12T22:00:00.000+00:00", "generator": { "date": "2025-08-13T06:27:10.560+00:00", "engine": { "name": "BSI-WID", "version": "1.4.0" } }, "id": "WID-SEC-W-2025-1768", "initial_release_date": "2025-08-12T22:00:00.000+00:00", "revision_history": [ { "date": "2025-08-12T22:00:00.000+00:00", "number": "1", "summary": "Initiale Fassung" } ], "status": "final", "version": "1" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_version_range", "name": "4 \u003cV4.78", "product": { "name": "Siemens SIPROTEC 4 \u003cV4.78", "product_id": "T046040" } }, { "category": "product_version", "name": "4 V4.78", "product": { "name": "Siemens SIPROTEC 4 V4.78", "product_id": "T046040-fixed", "product_identification_helper": { "cpe": "cpe:/h:siemens:siprotec:4__v4.78" } } }, { "category": "product_version_range", "name": "5 \u003cV10.0", "product": { "name": "Siemens SIPROTEC 5 \u003cV10.0", "product_id": "T046041" } }, { "category": "product_version", "name": "5 V10.0", "product": { "name": "Siemens SIPROTEC 5 V10.0", "product_id": "T046041-fixed", "product_identification_helper": { "cpe": "cpe:/h:siemens:siprotec:5__v10.0" } } } ], "category": "product_name", "name": "SIPROTEC" } ], "category": "vendor", "name": "Siemens" } ] }, "vulnerabilities": [ { "cve": "CVE-2024-52504", "product_status": { "known_affected": [ "T046040" ] }, "release_date": "2025-08-12T22:00:00.000+00:00", "title": "CVE-2024-52504" }, { "cve": "CVE-2025-40570", "product_status": { "known_affected": [ "T046041" ] }, "release_date": "2025-08-12T22:00:00.000+00:00", "title": "CVE-2025-40570" } ] }
CVE-2024-52504 (GCVE-0-2024-52504)
Vulnerability from cvelistv5
Published
2025-08-12 11:16
Modified
2025-08-12 19:15
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
8.7 (High) - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
8.7 (High) - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
VLAI Severity ?
EPSS score ?
CWE
- CWE-754 - Improper Check for Unusual or Exceptional Conditions
Summary
A vulnerability has been identified in SIPROTEC 4 6MD61 (All versions), SIPROTEC 4 6MD63 (All versions), SIPROTEC 4 6MD66 (All versions), SIPROTEC 4 6MD665 (All versions), SIPROTEC 4 7SA522 (All versions), SIPROTEC 4 7SA6 (All versions < V4.78), SIPROTEC 4 7SD5 (All versions < V4.78), SIPROTEC 4 7SD610 (All versions < V4.78), SIPROTEC 4 7SJ61 (All versions), SIPROTEC 4 7SJ62 (All versions), SIPROTEC 4 7SJ63 (All versions), SIPROTEC 4 7SJ64 (All versions), SIPROTEC 4 7SJ66 (All versions), SIPROTEC 4 7SS52 (All versions), SIPROTEC 4 7ST6 (All versions), SIPROTEC 4 7UM61 (All versions), SIPROTEC 4 7UM62 (All versions), SIPROTEC 4 7UT612 (All versions), SIPROTEC 4 7UT613 (All versions), SIPROTEC 4 7UT63 (All versions), SIPROTEC 4 7VE6 (All versions), SIPROTEC 4 7VK61 (All versions), SIPROTEC 4 7VU683 (All versions), SIPROTEC 4 Compact 7RW80 (All versions), SIPROTEC 4 Compact 7SD80 (All versions), SIPROTEC 4 Compact 7SJ80 (All versions), SIPROTEC 4 Compact 7SJ81 (All versions), SIPROTEC 4 Compact 7SK80 (All versions), SIPROTEC 4 Compact 7SK81 (All versions). Affected devices do not properly handle interrupted operations of file transfer. This could allow an unauthenticated remote attacker to cause a denial of service condition. To restore normal operations, the devices need to be restarted.
References
Impacted products
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-52504", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2025-08-12T19:09:20.387727Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-08-12T19:15:53.642Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "product": "SIPROTEC 4 6MD61", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPROTEC 4 6MD63", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPROTEC 4 6MD66", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPROTEC 4 6MD665", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPROTEC 4 7SA522", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPROTEC 4 7SA6", "vendor": "Siemens", "versions": [ { "lessThan": "V4.78", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPROTEC 4 7SD5", "vendor": "Siemens", "versions": [ { "lessThan": "V4.78", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPROTEC 4 7SD610", "vendor": "Siemens", "versions": [ { "lessThan": "V4.78", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPROTEC 4 7SJ61", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPROTEC 4 7SJ62", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPROTEC 4 7SJ63", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPROTEC 4 7SJ64", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPROTEC 4 7SJ66", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPROTEC 4 7SS52", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPROTEC 4 7ST6", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPROTEC 4 7UM61", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPROTEC 4 7UM62", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPROTEC 4 7UT612", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPROTEC 4 7UT613", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPROTEC 4 7UT63", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPROTEC 4 7VE6", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPROTEC 4 7VK61", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPROTEC 4 7VU683", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPROTEC 4 Compact 7RW80", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPROTEC 4 Compact 7SD80", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPROTEC 4 Compact 7SJ80", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPROTEC 4 Compact 7SJ81", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPROTEC 4 Compact 7SK80", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPROTEC 4 Compact 7SK81", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "A vulnerability has been identified in SIPROTEC 4 6MD61 (All versions), SIPROTEC 4 6MD63 (All versions), SIPROTEC 4 6MD66 (All versions), SIPROTEC 4 6MD665 (All versions), SIPROTEC 4 7SA522 (All versions), SIPROTEC 4 7SA6 (All versions \u003c V4.78), SIPROTEC 4 7SD5 (All versions \u003c V4.78), SIPROTEC 4 7SD610 (All versions \u003c V4.78), SIPROTEC 4 7SJ61 (All versions), SIPROTEC 4 7SJ62 (All versions), SIPROTEC 4 7SJ63 (All versions), SIPROTEC 4 7SJ64 (All versions), SIPROTEC 4 7SJ66 (All versions), SIPROTEC 4 7SS52 (All versions), SIPROTEC 4 7ST6 (All versions), SIPROTEC 4 7UM61 (All versions), SIPROTEC 4 7UM62 (All versions), SIPROTEC 4 7UT612 (All versions), SIPROTEC 4 7UT613 (All versions), SIPROTEC 4 7UT63 (All versions), SIPROTEC 4 7VE6 (All versions), SIPROTEC 4 7VK61 (All versions), SIPROTEC 4 7VU683 (All versions), SIPROTEC 4 Compact 7RW80 (All versions), SIPROTEC 4 Compact 7SD80 (All versions), SIPROTEC 4 Compact 7SJ80 (All versions), SIPROTEC 4 Compact 7SJ81 (All versions), SIPROTEC 4 Compact 7SK80 (All versions), SIPROTEC 4 Compact 7SK81 (All versions). Affected devices do not properly handle interrupted operations of file transfer. This could allow an unauthenticated remote attacker to cause a denial of service condition. To restore normal operations, the devices need to be restarted." } ], "metrics": [ { "cvssV3_1": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" } }, { "cvssV4_0": { "baseScore": 8.7, "baseSeverity": "HIGH", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N", "version": "4.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-754", "description": "CWE-754: Improper Check for Unusual or Exceptional Conditions", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-08-12T11:16:48.226Z", "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "shortName": "siemens" }, "references": [ { "url": "https://cert-portal.siemens.com/productcert/html/ssa-400089.html" } ] } }, "cveMetadata": { "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "assignerShortName": "siemens", "cveId": "CVE-2024-52504", "datePublished": "2025-08-12T11:16:48.226Z", "dateReserved": "2024-11-11T08:11:56.754Z", "dateUpdated": "2025-08-12T19:15:53.642Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2025-40570 (GCVE-0-2025-40570)
Vulnerability from cvelistv5
Published
2025-08-12 11:17
Modified
2025-08-12 20:08
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-770 - Allocation of Resources Without Limits or Throttling
Summary
A vulnerability has been identified in SIPROTEC 5 6MD84 (CP300) (All versions < V10.0), SIPROTEC 5 6MD85 (CP300) (All versions >= V7.80 < V10.0), SIPROTEC 5 6MD86 (CP300) (All versions >= V7.80 < V10.0), SIPROTEC 5 6MD89 (CP300) (All versions >= V7.80 < V10.0), SIPROTEC 5 6MU85 (CP300) (All versions >= V7.80 < V10.0), SIPROTEC 5 7KE85 (CP300) (All versions >= V7.80 < V10.0), SIPROTEC 5 7SA82 (CP150) (All versions < V10.0), SIPROTEC 5 7SA86 (CP300) (All versions >= V7.80 < V10.0), SIPROTEC 5 7SA87 (CP300) (All versions >= V7.80 < V10.0), SIPROTEC 5 7SD82 (CP150) (All versions < V10.0), SIPROTEC 5 7SD86 (CP300) (All versions >= V7.80 < V10.0), SIPROTEC 5 7SD87 (CP300) (All versions >= V7.80 < V10.0), SIPROTEC 5 7SJ81 (CP150) (All versions < V10.0), SIPROTEC 5 7SJ82 (CP150) (All versions < V10.0), SIPROTEC 5 7SJ85 (CP300) (All versions >= V7.80 < V10.0), SIPROTEC 5 7SJ86 (CP300) (All versions >= V7.80 < V10.0), SIPROTEC 5 7SK82 (CP150) (All versions < V10.0), SIPROTEC 5 7SK85 (CP300) (All versions >= V7.80 < V10.0), SIPROTEC 5 7SL82 (CP150) (All versions < V10.0), SIPROTEC 5 7SL86 (CP300) (All versions >= V7.80 < V10.0), SIPROTEC 5 7SL87 (CP300) (All versions >= V7.80 < V10.0), SIPROTEC 5 7SS85 (CP300) (All versions >= V7.80 < V10.0), SIPROTEC 5 7ST85 (CP300) (All versions < V10.0), SIPROTEC 5 7ST86 (CP300) (All versions < V10.0), SIPROTEC 5 7SX82 (CP150) (All versions < V10.0), SIPROTEC 5 7SX85 (CP300) (All versions < V10.0), SIPROTEC 5 7SY82 (CP150) (All versions < V10.0), SIPROTEC 5 7UM85 (CP300) (All versions >= V7.80 < V10.0), SIPROTEC 5 7UT82 (CP150) (All versions < V10.0), SIPROTEC 5 7UT85 (CP300) (All versions >= V7.80 < V10.0), SIPROTEC 5 7UT86 (CP300) (All versions >= V7.80 < V10.0), SIPROTEC 5 7UT87 (CP300) (All versions >= V7.80 < V10.0), SIPROTEC 5 7VE85 (CP300) (All versions >= V7.80 < V10.0), SIPROTEC 5 7VK87 (CP300) (All versions >= V7.80 < V10.0), SIPROTEC 5 7VU85 (CP300) (All versions < V10.0), SIPROTEC 5 Compact 7SX800 (CP050) (All versions < V10.0). Affected devices do not properly limit the bandwidth for incoming network packets over their local USB port. This could allow an attacker with physical access to send specially crafted packets with high bandwidth to the affected devices thus forcing them to exhaust their memory and stop responding to any network traffic via the local USB port. Affected devices reset themselves automatically after a successful attack. The protection function is not affected of this vulnerability.
References
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
► | Siemens | SIPROTEC 5 6MD84 (CP300) |
Version: 0 < V10.0 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2025-40570", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2025-08-12T20:08:07.253344Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-08-12T20:08:15.284Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "product": "SIPROTEC 5 6MD84 (CP300)", "vendor": "Siemens", "versions": [ { "lessThan": "V10.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPROTEC 5 6MD85 (CP300)", "vendor": "Siemens", "versions": [ { "lessThan": "V10.0", "status": "affected", "version": "V7.80", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPROTEC 5 6MD86 (CP300)", "vendor": "Siemens", "versions": [ { "lessThan": "V10.0", "status": "affected", "version": "V7.80", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPROTEC 5 6MD89 (CP300)", "vendor": "Siemens", "versions": [ { "lessThan": "V10.0", "status": "affected", "version": "V7.80", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPROTEC 5 6MU85 (CP300)", "vendor": "Siemens", "versions": [ { "lessThan": "V10.0", "status": "affected", "version": "V7.80", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPROTEC 5 7KE85 (CP300)", "vendor": "Siemens", "versions": [ { "lessThan": "V10.0", "status": "affected", "version": "V7.80", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPROTEC 5 7SA82 (CP150)", "vendor": "Siemens", "versions": [ { "lessThan": "V10.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPROTEC 5 7SA86 (CP300)", "vendor": "Siemens", "versions": [ { "lessThan": "V10.0", "status": "affected", "version": "V7.80", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPROTEC 5 7SA87 (CP300)", "vendor": "Siemens", "versions": [ { "lessThan": "V10.0", "status": "affected", "version": "V7.80", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPROTEC 5 7SD82 (CP150)", "vendor": "Siemens", "versions": [ { "lessThan": "V10.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPROTEC 5 7SD86 (CP300)", "vendor": "Siemens", "versions": [ { "lessThan": "V10.0", "status": "affected", "version": "V7.80", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPROTEC 5 7SD87 (CP300)", "vendor": "Siemens", "versions": [ { "lessThan": "V10.0", "status": "affected", "version": "V7.80", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPROTEC 5 7SJ81 (CP150)", "vendor": "Siemens", "versions": [ { "lessThan": "V10.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPROTEC 5 7SJ82 (CP150)", "vendor": "Siemens", "versions": [ { "lessThan": "V10.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPROTEC 5 7SJ85 (CP300)", "vendor": "Siemens", "versions": [ { "lessThan": "V10.0", "status": "affected", "version": "V7.80", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPROTEC 5 7SJ86 (CP300)", "vendor": "Siemens", "versions": [ { "lessThan": "V10.0", "status": "affected", "version": "V7.80", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPROTEC 5 7SK82 (CP150)", "vendor": "Siemens", "versions": [ { "lessThan": "V10.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPROTEC 5 7SK85 (CP300)", "vendor": "Siemens", "versions": [ { "lessThan": "V10.0", "status": "affected", "version": "V7.80", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPROTEC 5 7SL82 (CP150)", "vendor": "Siemens", "versions": [ { "lessThan": "V10.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPROTEC 5 7SL86 (CP300)", "vendor": "Siemens", "versions": [ { "lessThan": "V10.0", "status": "affected", "version": "V7.80", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPROTEC 5 7SL87 (CP300)", "vendor": "Siemens", "versions": [ { "lessThan": "V10.0", "status": "affected", "version": "V7.80", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPROTEC 5 7SS85 (CP300)", "vendor": "Siemens", "versions": [ { "lessThan": "V10.0", "status": "affected", "version": "V7.80", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPROTEC 5 7ST85 (CP300)", "vendor": "Siemens", "versions": [ { "lessThan": "V10.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPROTEC 5 7ST86 (CP300)", "vendor": "Siemens", "versions": [ { "lessThan": "V10.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPROTEC 5 7SX82 (CP150)", "vendor": "Siemens", "versions": [ { "lessThan": "V10.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPROTEC 5 7SX85 (CP300)", "vendor": "Siemens", "versions": [ { "lessThan": "V10.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPROTEC 5 7SY82 (CP150)", "vendor": "Siemens", "versions": [ { "lessThan": "V10.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPROTEC 5 7UM85 (CP300)", "vendor": "Siemens", "versions": [ { "lessThan": "V10.0", "status": "affected", "version": "V7.80", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPROTEC 5 7UT82 (CP150)", "vendor": "Siemens", "versions": [ { "lessThan": "V10.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPROTEC 5 7UT85 (CP300)", "vendor": "Siemens", "versions": [ { "lessThan": "V10.0", "status": "affected", "version": "V7.80", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPROTEC 5 7UT86 (CP300)", "vendor": "Siemens", "versions": [ { "lessThan": "V10.0", "status": "affected", "version": "V7.80", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPROTEC 5 7UT87 (CP300)", "vendor": "Siemens", "versions": [ { "lessThan": "V10.0", "status": "affected", "version": "V7.80", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPROTEC 5 7VE85 (CP300)", "vendor": "Siemens", "versions": [ { "lessThan": "V10.0", "status": "affected", "version": "V7.80", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPROTEC 5 7VK87 (CP300)", "vendor": "Siemens", "versions": [ { "lessThan": "V10.0", "status": "affected", "version": "V7.80", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPROTEC 5 7VU85 (CP300)", "vendor": "Siemens", "versions": [ { "lessThan": "V10.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIPROTEC 5 Compact 7SX800 (CP050)", "vendor": "Siemens", "versions": [ { "lessThan": "V10.0", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "A vulnerability has been identified in SIPROTEC 5 6MD84 (CP300) (All versions \u003c V10.0), SIPROTEC 5 6MD85 (CP300) (All versions \u003e= V7.80 \u003c V10.0), SIPROTEC 5 6MD86 (CP300) (All versions \u003e= V7.80 \u003c V10.0), SIPROTEC 5 6MD89 (CP300) (All versions \u003e= V7.80 \u003c V10.0), SIPROTEC 5 6MU85 (CP300) (All versions \u003e= V7.80 \u003c V10.0), SIPROTEC 5 7KE85 (CP300) (All versions \u003e= V7.80 \u003c V10.0), SIPROTEC 5 7SA82 (CP150) (All versions \u003c V10.0), SIPROTEC 5 7SA86 (CP300) (All versions \u003e= V7.80 \u003c V10.0), SIPROTEC 5 7SA87 (CP300) (All versions \u003e= V7.80 \u003c V10.0), SIPROTEC 5 7SD82 (CP150) (All versions \u003c V10.0), SIPROTEC 5 7SD86 (CP300) (All versions \u003e= V7.80 \u003c V10.0), SIPROTEC 5 7SD87 (CP300) (All versions \u003e= V7.80 \u003c V10.0), SIPROTEC 5 7SJ81 (CP150) (All versions \u003c V10.0), SIPROTEC 5 7SJ82 (CP150) (All versions \u003c V10.0), SIPROTEC 5 7SJ85 (CP300) (All versions \u003e= V7.80 \u003c V10.0), SIPROTEC 5 7SJ86 (CP300) (All versions \u003e= V7.80 \u003c V10.0), SIPROTEC 5 7SK82 (CP150) (All versions \u003c V10.0), SIPROTEC 5 7SK85 (CP300) (All versions \u003e= V7.80 \u003c V10.0), SIPROTEC 5 7SL82 (CP150) (All versions \u003c V10.0), SIPROTEC 5 7SL86 (CP300) (All versions \u003e= V7.80 \u003c V10.0), SIPROTEC 5 7SL87 (CP300) (All versions \u003e= V7.80 \u003c V10.0), SIPROTEC 5 7SS85 (CP300) (All versions \u003e= V7.80 \u003c V10.0), SIPROTEC 5 7ST85 (CP300) (All versions \u003c V10.0), SIPROTEC 5 7ST86 (CP300) (All versions \u003c V10.0), SIPROTEC 5 7SX82 (CP150) (All versions \u003c V10.0), SIPROTEC 5 7SX85 (CP300) (All versions \u003c V10.0), SIPROTEC 5 7SY82 (CP150) (All versions \u003c V10.0), SIPROTEC 5 7UM85 (CP300) (All versions \u003e= V7.80 \u003c V10.0), SIPROTEC 5 7UT82 (CP150) (All versions \u003c V10.0), SIPROTEC 5 7UT85 (CP300) (All versions \u003e= V7.80 \u003c V10.0), SIPROTEC 5 7UT86 (CP300) (All versions \u003e= V7.80 \u003c V10.0), SIPROTEC 5 7UT87 (CP300) (All versions \u003e= V7.80 \u003c V10.0), SIPROTEC 5 7VE85 (CP300) (All versions \u003e= V7.80 \u003c V10.0), SIPROTEC 5 7VK87 (CP300) (All versions \u003e= V7.80 \u003c V10.0), SIPROTEC 5 7VU85 (CP300) (All versions \u003c V10.0), SIPROTEC 5 Compact 7SX800 (CP050) (All versions \u003c V10.0). Affected devices do not properly limit the bandwidth for incoming network packets over their local USB port. This could allow an attacker with physical access to send specially crafted packets with high bandwidth to the affected devices thus forcing them to exhaust their memory and stop responding to any network traffic via the local USB port. Affected devices reset themselves automatically after a successful attack. The protection function is not affected of this vulnerability." } ], "metrics": [ { "cvssV3_1": { "baseScore": 2.4, "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1" } }, { "cvssV4_0": { "baseScore": 2.4, "baseSeverity": "LOW", "vectorString": "CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N", "version": "4.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-770", "description": "CWE-770: Allocation of Resources Without Limits or Throttling", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-08-12T11:17:01.195Z", "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "shortName": "siemens" }, "references": [ { "url": "https://cert-portal.siemens.com/productcert/html/ssa-894058.html" } ] } }, "cveMetadata": { "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "assignerShortName": "siemens", "cveId": "CVE-2025-40570", "datePublished": "2025-08-12T11:17:01.195Z", "dateReserved": "2025-04-16T08:20:17.031Z", "dateUpdated": "2025-08-12T20:08:15.284Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…