CVE-2018-11452

MITRE NVD CVE.ORG Print: PDF PDF

Summary

CVECVE-2018-11452
StatePUBLIC
Assigner[email protected]
Source PriorityCVE Program / NVD first with legacy fallback
Published2018-07-23 21:29:00 UTC
Updated2019-03-22 17:29:00 UTC
DescriptionA vulnerability has been identified in Firmware variant IEC 61850 for EN100 Ethernet module (All versions < V4.33), Firmware variant PROFINET IO for EN100 Ethernet module (All versions), Firmware variant Modbus TCP for EN100 Ethernet module (All versions), Firmware variant DNP3 TCP for EN100 Ethernet module (All versions), Firmware variant IEC104 for EN100 Ethernet module (All versions < V1.22). Specially crafted packets to port 102/tcp could cause a denial-of-service condition in the EN100 communication module if oscillographs are running. A manual restart is required to recover the EN100 module functionality. Successful exploitation requires an attacker with network access to send multiple packets to the EN100 module. As a precondition the IEC 61850-MMS communication needs to be activated on the affected EN100 modules. No user interaction or privileges are required to exploit the security vulnerability. The vulnerability could allow causing a Denial-of-Service condition of the network functionality of the device, compromising the availability of the system. At the time of advisory publication no public exploitation of this security vulnerability was known.

Risk And Classification

Problem Types: CWE-20

NVD Known Affected Configurations (CPE 2.3)

TypeVendorProductVersionUpdateEditionLanguage
Hardware Siemens 6md85 - All All All
Hardware Siemens 6md85 - All All All
Hardware Siemens 6md86 - All All All
Hardware Siemens 6md86 - All All All
Hardware Siemens 7ke85 - All All All
Hardware Siemens 7ke85 - All All All
Hardware Siemens 7sa82 - All All All
Hardware Siemens 7sa82 - All All All
Hardware Siemens 7sa86 - All All All
Hardware Siemens 7sa86 - All All All
Hardware Siemens 7sa87 - All All All
Hardware Siemens 7sa87 - All All All
Hardware Siemens 7sd82 - All All All
Hardware Siemens 7sd82 - All All All
Hardware Siemens 7sd86 - All All All
Hardware Siemens 7sd86 - All All All
Hardware Siemens 7sd87 - All All All
Hardware Siemens 7sd87 - All All All
Hardware Siemens 7sj82 - All All All
Hardware Siemens 7sj82 - All All All
Hardware Siemens 7sj85 - All All All
Hardware Siemens 7sj85 - All All All
Hardware Siemens 7sj86 - All All All
Hardware Siemens 7sj86 - All All All
Hardware Siemens 7sk82 - All All All
Hardware Siemens 7sk82 - All All All
Hardware Siemens 7sk85 - All All All
Hardware Siemens 7sk85 - All All All
Hardware Siemens 7sl82 - All All All
Hardware Siemens 7sl82 - All All All
Hardware Siemens 7sl86 - All All All
Hardware Siemens 7sl86 - All All All
Hardware Siemens 7sl87 - All All All
Hardware Siemens 7sl87 - All All All
Hardware Siemens 7ss85 - All All All
Hardware Siemens 7ss85 - All All All
Hardware Siemens 7um85 - All All All
Hardware Siemens 7um85 - All All All
Hardware Siemens 7ut82 - All All All
Hardware Siemens 7ut82 - All All All
Hardware Siemens 7ut85 - All All All
Hardware Siemens 7ut85 - All All All
Hardware Siemens 7ut86 - All All All
Hardware Siemens 7ut86 - All All All
Hardware Siemens 7ut87 - All All All
Hardware Siemens 7ut87 - All All All
Hardware Siemens 7vk87 - All All All
Hardware Siemens 7vk87 - All All All
Operating System Siemens Cp100 Firmware All All All All
Operating System Siemens Cp100 Firmware All All All All
Operating System Siemens Cp200 Firmware - All All All
Operating System Siemens Cp200 Firmware - All All All
Operating System Siemens Cp300 Firmware All All All All
Operating System Siemens Cp300 Firmware All All All All
Operating System Siemens Dnp3 Tcp Firmware - All All All
Operating System Siemens Dnp3 Tcp Firmware - All All All
Hardware Siemens En100 - All All All
Hardware Siemens En100 - All All All
Operating System Siemens Iec104 Firmware - All All All
Operating System Siemens Iec104 Firmware - All All All
Operating System Siemens Iec 61850 Firmware All All All All
Operating System Siemens Iec 61850 Firmware All All All All
Operating System Siemens Modbus Tcp Firmware - All All All
Operating System Siemens Modbus Tcp Firmware - All All All
Operating System Siemens Profinet Io Firmware - All All All
Operating System Siemens Profinet Io Firmware - All All All

References

ReferenceSourceLinkTags
cert-portal.siemens.com/productcert/pdf/ssa-325546.pdf CONFIRM cert-portal.siemens.com Mitigation, Patch, Vendor Advisory
cert-portal.siemens.com/productcert/pdf/ssa-635129.pdf CONFIRM cert-portal.siemens.com Mitigation, Patch, Vendor Advisory
Siemens EN100 Ethernet Communication Module Multiple Denial of Service Vulnerabilities BID www.securityfocus.com
CVE Program record CVE.ORG www.cve.org canonical
NVD vulnerability detail NVD nvd.nist.gov canonical, analysis

Legacy QID Mappings

  • 591421 Siemens EN100 Ethernet communication module and SIPROTEC 5 Relays Denial of Service (DoS) Vulnerability (SSA-635129)
© CVE.report 2026 |

Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.

CVE, CWE, and OVAL are registred trademarks of The MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. This site includes MITRE data granted under the following license.

CVE.report and Source URL Uptime Status status.cve.report