CVE-2021-41769

MITRE NVD CVE.ORG Print: PDF PDF

Summary

CVECVE-2021-41769
StatePUBLIC
Assigner[email protected]
Source PriorityCVE Program / NVD first with legacy fallback
Published2022-01-11 12:15:00 UTC
Updated2022-01-19 16:49:00 UTC
DescriptionA vulnerability has been identified in SIPROTEC 5 6MD85 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 6MD86 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 6MD89 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 6MU85 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7KE85 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7SA82 devices (CPU variant CP100) (All versions < V8.83), SIPROTEC 5 7SA86 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7SA87 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7SD82 devices (CPU variant CP100) (All versions < V8.83), SIPROTEC 5 7SD86 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7SD87 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7SJ81 devices (CPU variant CP100) (All versions < V8.83), SIPROTEC 5 7SJ82 devices (CPU variant CP100) (All versions < V8.83), SIPROTEC 5 7SJ85 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7SJ86 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7SK82 devices (CPU variant CP100) (All versions < V8.83), SIPROTEC 5 7SK85 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7SL82 devices (CPU variant CP100) (All versions < V8.83), SIPROTEC 5 7SL86 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7SL87 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7SS85 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7ST85 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7SX85 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7UM85 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7UT82 devices (CPU variant CP100) (All versions < V8.83), SIPROTEC 5 7UT85 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7UT86 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7UT87 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7VE85 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7VK87 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 Compact 7SX800 devices (CPU variant CP050) (All versions < V8.83). An improper input validation vulnerability in the web server could allow an unauthenticated user to access device information.

Risk And Classification

Problem Types: CWE-20

NVD Known Affected Configurations (CPE 2.3)

TypeVendorProductVersionUpdateEditionLanguage
Hardware Siemens 6md85 - All All All
Operating System Siemens 6md85 Firmware All All All All
Hardware Siemens 6md86 - All All All
Operating System Siemens 6md86 Firmware All All All All
Hardware Siemens 6md89 - All All All
Operating System Siemens 6md89 Firmware All All All All
Hardware Siemens 6mu85 - All All All
Operating System Siemens 6mu85 Firmware All All All All
Hardware Siemens 7ke85 - All All All
Operating System Siemens 7ke85 Firmware All All All All
Hardware Siemens 7sa82 - All All All
Operating System Siemens 7sa82 Firmware All All All All
Hardware Siemens 7sa86 - All All All
Operating System Siemens 7sa86 Firmware All All All All
Hardware Siemens 7sa87 - All All All
Operating System Siemens 7sa87 Firmware All All All All
Hardware Siemens 7sd82 - All All All
Operating System Siemens 7sd82 Firmware All All All All
Hardware Siemens 7sd86 - All All All
Operating System Siemens 7sd86 Firmware All All All All
Hardware Siemens 7sd87 - All All All
Operating System Siemens 7sd87 Firmware All All All All
Hardware Siemens 7sj81 - All All All
Operating System Siemens 7sj81 Firmware All All All All
Hardware Siemens 7sj82 - All All All
Operating System Siemens 7sj82 Firmware All All All All
Hardware Siemens 7sj85 - All All All
Operating System Siemens 7sj85 Firmware All All All All
Hardware Siemens 7sj86 - All All All
Operating System Siemens 7sj86 Firmware All All All All
Hardware Siemens 7sk82 - All All All
Operating System Siemens 7sk82 Firmware All All All All
Hardware Siemens 7sk85 - All All All
Operating System Siemens 7sk85 Firmware All All All All
Hardware Siemens 7sl82 - All All All
Operating System Siemens 7sl82 Firmware All All All All
Hardware Siemens 7sl86 - All All All
Operating System Siemens 7sl86 Firmware All All All All
Hardware Siemens 7sl87 - All All All
Operating System Siemens 7sl87 Firmware All All All All
Hardware Siemens 7ss85 - All All All
Operating System Siemens 7ss85 Firmware All All All All
Hardware Siemens 7st85 - All All All
Operating System Siemens 7st85 Firmware All All All All
Hardware Siemens 7sx800 - All All All
Operating System Siemens 7sx800 Firmware All All All All
Hardware Siemens 7sx85 - All All All
Operating System Siemens 7sx85 Firmware All All All All
Hardware Siemens 7um85 - All All All
Operating System Siemens 7um85 Firmware All All All All
Hardware Siemens 7ut82 - All All All
Operating System Siemens 7ut82 Firmware All All All All
Hardware Siemens 7ut85 - All All All
Operating System Siemens 7ut85 Firmware All All All All
Hardware Siemens 7ut86 - All All All
Operating System Siemens 7ut86 Firmware All All All All
Hardware Siemens 7ut87 - All All All
Operating System Siemens 7ut87 Firmware All All All All
Hardware Siemens 7ve85 - All All All
Operating System Siemens 7ve85 Firmware All All All All
Hardware Siemens 7vk87 - All All All
Operating System Siemens 7vk87 Firmware All All All All

References

ReferenceSourceLinkTags
cert-portal.siemens.com/productcert/pdf/ssa-439673.pdf MISC cert-portal.siemens.com
CVE Program record CVE.ORG www.cve.org canonical
NVD vulnerability detail NVD nvd.nist.gov canonical, analysis

Legacy QID Mappings

  • 591041 Siemens SIPROTEC 5 Information Disclosure Vulnerability (SSA-439673)
© CVE.report 2026 |

Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.

CVE, CWE, and OVAL are registred trademarks of The MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. This site includes MITRE data granted under the following license.

CVE.report and Source URL Uptime Status status.cve.report