CVE-2022-45044

Summary

CVE	CVE-2022-45044
State	PUBLIC
Assigner	[email protected]
Source Priority	CVE Program / NVD first with legacy fallback
Published	2022-12-13 16:15:00 UTC
Updated	2024-03-12 11:15:00 UTC
Description	A vulnerability has been identified in SIPROTEC 5 6MD84 (CP300) (All versions < V9.50), SIPROTEC 5 6MD85 (CP200) (All versions), SIPROTEC 5 6MD85 (CP300) (All versions < V9.50), SIPROTEC 5 6MD86 (CP200) (All versions), SIPROTEC 5 6MD86 (CP300) (All versions < V9.50), SIPROTEC 5 6MD89 (CP300) (All versions < V9.60), SIPROTEC 5 6MU85 (CP300) (All versions < V9.50), SIPROTEC 5 7KE85 (CP200) (All versions), SIPROTEC 5 7KE85 (CP300) (All versions < V9.60), SIPROTEC 5 7SA82 (CP100) (All versions), SIPROTEC 5 7SA82 (CP150) (All versions < V9.50), SIPROTEC 5 7SA84 (CP200) (All versions), SIPROTEC 5 7SA86 (CP200) (All versions), SIPROTEC 5 7SA86 (CP300) (All versions < V9.50), SIPROTEC 5 7SA87 (CP200) (All versions), SIPROTEC 5 7SA87 (CP300) (All versions < V9.50), SIPROTEC 5 7SD82 (CP100) (All versions), SIPROTEC 5 7SD82 (CP150) (All versions < V9.50), SIPROTEC 5 7SD84 (CP200) (All versions), SIPROTEC 5 7SD86 (CP200) (All versions), SIPROTEC 5 7SD86 (CP300) (All versions < V9.50), SIPROTEC 5 7SD87 (CP200) (All versions), SIPROTEC 5 7SD87 (CP300) (All versions < V9.50), SIPROTEC 5 7SJ81 (CP100) (All versions), SIPROTEC 5 7SJ81 (CP150) (All versions < V9.50), SIPROTEC 5 7SJ82 (CP100) (All versions), SIPROTEC 5 7SJ82 (CP150) (All versions < V9.50), SIPROTEC 5 7SJ85 (CP200) (All versions), SIPROTEC 5 7SJ85 (CP300) (All versions < V9.50), SIPROTEC 5 7SJ86 (CP200) (All versions), SIPROTEC 5 7SJ86 (CP300) (All versions < V9.50), SIPROTEC 5 7SK82 (CP100) (All versions), SIPROTEC 5 7SK82 (CP150) (All versions < V9.50), SIPROTEC 5 7SK85 (CP200) (All versions), SIPROTEC 5 7SK85 (CP300) (All versions < V9.50), SIPROTEC 5 7SL82 (CP100) (All versions), SIPROTEC 5 7SL82 (CP150) (All versions < V9.50), SIPROTEC 5 7SL86 (CP200) (All versions), SIPROTEC 5 7SL86 (CP300) (All versions < V9.50), SIPROTEC 5 7SL87 (CP200) (All versions), SIPROTEC 5 7SL87 (CP300) (All versions < V9.50), SIPROTEC 5 7SS85 (CP200) (All versions), SIPROTEC 5 7SS85 (CP300) (All versions < V9.50), SIPROTEC 5 7ST85 (CP200) (All versions), SIPROTEC 5 7ST85 (CP300) (All versions < V9.60), SIPROTEC 5 7ST86 (CP300) (All versions < V9.60), SIPROTEC 5 7SX82 (CP150) (All versions < V9.50), SIPROTEC 5 7SX85 (CP300) (All versions < V9.50), SIPROTEC 5 7UM85 (CP300) (All versions < V9.50), SIPROTEC 5 7UT82 (CP100) (All versions), SIPROTEC 5 7UT82 (CP150) (All versions < V9.50), SIPROTEC 5 7UT85 (CP200) (All versions), SIPROTEC 5 7UT85 (CP300) (All versions < V9.50), SIPROTEC 5 7UT86 (CP200) (All versions), SIPROTEC 5 7UT86 (CP300) (All versions < V9.50), SIPROTEC 5 7UT87 (CP200) (All versions), SIPROTEC 5 7UT87 (CP300) (All versions < V9.50), SIPROTEC 5 7VE85 (CP300) (All versions < V9.50), SIPROTEC 5 7VK87 (CP200) (All versions), SIPROTEC 5 7VK87 (CP300) (All versions < V9.50), SIPROTEC 5 7VU85 (CP300) (All versions < V9.50), SIPROTEC 5 Communication Module ETH-BA-2EL (All versions < V9.50 installed on CP150 and CP300 devices), SIPROTEC 5 Communication Module ETH-BA-2EL (All versions installed on CP100 and CP200 devices), SIPROTEC 5 Communication Module ETH-BB-2FO (All versions < V9.50 installed on CP150 and CP300 devices), SIPROTEC 5 Communication Module ETH-BB-2FO (All versions installed on CP100 and CP200 devices), SIPROTEC 5 Communication Module ETH-BD-2FO (All versions < V9.50), SIPROTEC 5 Compact 7SX800 (CP050) (All versions < V9.50). Affected devices do not properly restrict secure client-initiated renegotiations within the SSL and TLS protocols. This could allow an attacker to create a denial of service condition on the ports 443/tcp and 4443/tcp for the duration of the attack.

Risk And Classification

Problem Types: CWE-400

NVD Known Affected Configurations (CPE 2.3)

Type	Vendor	Product	Version	Update	Edition	Language
Hardware	Siemens	Siprotec 5 6md85	cp200	All	All	All
Hardware	Siemens	Siprotec 5 6md85	cp300	All	All	All
Operating System	Siemens	Siprotec 5 6md85 Firmware	-	All	All	All
Hardware	Siemens	Siprotec 5 6md86	cp200	All	All	All
Hardware	Siemens	Siprotec 5 6md86	cp300	All	All	All
Operating System	Siemens	Siprotec 5 6md86 Firmware	-	All	All	All
Hardware	Siemens	Siprotec 5 6md89	cp300	All	All	All
Operating System	Siemens	Siprotec 5 6md89 Firmware	-	All	All	All
Hardware	Siemens	Siprotec 5 6mu85	cp200	All	All	All
Hardware	Siemens	Siprotec 5 6mu85	cp300	All	All	All
Operating System	Siemens	Siprotec 5 6mu85 Firmware	-	All	All	All
Hardware	Siemens	Siprotec 5 7ke85	cp200	All	All	All
Hardware	Siemens	Siprotec 5 7ke85	cp300	All	All	All
Operating System	Siemens	Siprotec 5 7ke85 Firmware	-	All	All	All
Hardware	Siemens	Siprotec 5 7sa82	cp100	All	All	All
Hardware	Siemens	Siprotec 5 7sa82	cp150	All	All	All
Operating System	Siemens	Siprotec 5 7sa82 Firmware	-	All	All	All
Hardware	Siemens	Siprotec 5 7sa86	cp200	All	All	All
Hardware	Siemens	Siprotec 5 7sa86	cp300	All	All	All
Operating System	Siemens	Siprotec 5 7sa86 Firmware	-	All	All	All
Hardware	Siemens	Siprotec 5 7sa87	cp200	All	All	All
Hardware	Siemens	Siprotec 5 7sa87	cp300	All	All	All
Operating System	Siemens	Siprotec 5 7sa87 Firmware	-	All	All	All
Hardware	Siemens	Siprotec 5 7sd82	cp100	All	All	All
Hardware	Siemens	Siprotec 5 7sd82	cp150	All	All	All
Operating System	Siemens	Siprotec 5 7sd82 Firmware	-	All	All	All
Hardware	Siemens	Siprotec 5 7sd86	cp200	All	All	All
Hardware	Siemens	Siprotec 5 7sd86	cp300	All	All	All
Operating System	Siemens	Siprotec 5 7sd86 Firmware	-	All	All	All
Hardware	Siemens	Siprotec 5 7sd87	cp200	All	All	All
Hardware	Siemens	Siprotec 5 7sd87	cp300	All	All	All
Operating System	Siemens	Siprotec 5 7sd87 Firmware	-	All	All	All
Hardware	Siemens	Siprotec 5 7sj81	cp100	All	All	All
Hardware	Siemens	Siprotec 5 7sj81	cp150	All	All	All
Operating System	Siemens	Siprotec 5 7sj81 Firmware	-	All	All	All
Hardware	Siemens	Siprotec 5 7sj82	cp100	All	All	All
Hardware	Siemens	Siprotec 5 7sj82	cp150	All	All	All
Operating System	Siemens	Siprotec 5 7sj82 Firmware	-	All	All	All
Hardware	Siemens	Siprotec 5 7sj85	cp200	All	All	All
Hardware	Siemens	Siprotec 5 7sj85	cp300	All	All	All
Operating System	Siemens	Siprotec 5 7sj85 Firmware	-	All	All	All
Hardware	Siemens	Siprotec 5 7sj86	cp200	All	All	All
Hardware	Siemens	Siprotec 5 7sj86	cp300	All	All	All
Operating System	Siemens	Siprotec 5 7sj86 Firmware	-	All	All	All
Hardware	Siemens	Siprotec 5 7sk82	cp100	All	All	All
Hardware	Siemens	Siprotec 5 7sk82	cp150	All	All	All
Operating System	Siemens	Siprotec 5 7sk82 Firmware	-	All	All	All
Hardware	Siemens	Siprotec 5 7sk85	cp200	All	All	All
Hardware	Siemens	Siprotec 5 7sk85	cp300	All	All	All
Operating System	Siemens	Siprotec 5 7sk85 Firmware	-	All	All	All
Hardware	Siemens	Siprotec 5 7sl82	cp100	All	All	All
Hardware	Siemens	Siprotec 5 7sl82	cp150	All	All	All
Operating System	Siemens	Siprotec 5 7sl82 Firmware	-	All	All	All
Hardware	Siemens	Siprotec 5 7sl86	cp200	All	All	All
Hardware	Siemens	Siprotec 5 7sl86	cp300	All	All	All
Operating System	Siemens	Siprotec 5 7sl86 Firmware	-	All	All	All
Hardware	Siemens	Siprotec 5 7sl87	cp200	All	All	All
Hardware	Siemens	Siprotec 5 7sl87	cp300	All	All	All
Operating System	Siemens	Siprotec 5 7sl87 Firmware	-	All	All	All
Hardware	Siemens	Siprotec 5 7ss85	cp200	All	All	All
Hardware	Siemens	Siprotec 5 7ss85	cp300	All	All	All
Operating System	Siemens	Siprotec 5 7ss85 Firmware	-	All	All	All
Hardware	Siemens	Siprotec 5 7st85	cp200	All	All	All
Hardware	Siemens	Siprotec 5 7st85	cp300	All	All	All
Operating System	Siemens	Siprotec 5 7st85 Firmware	-	All	All	All
Hardware	Siemens	Siprotec 5 7sx85	cp300	All	All	All
Operating System	Siemens	Siprotec 5 7sx85 Firmware	-	All	All	All
Hardware	Siemens	Siprotec 5 7um85	cp300	All	All	All
Operating System	Siemens	Siprotec 5 7um85 Firmware	-	All	All	All
Hardware	Siemens	Siprotec 5 7ut82	cp100	All	All	All
Hardware	Siemens	Siprotec 5 7ut82	cp150	All	All	All
Operating System	Siemens	Siprotec 5 7ut82 Firmware	-	All	All	All
Hardware	Siemens	Siprotec 5 7ut85	cp200	All	All	All
Hardware	Siemens	Siprotec 5 7ut85	cp300	All	All	All
Operating System	Siemens	Siprotec 5 7ut85 Firmware	-	All	All	All
Hardware	Siemens	Siprotec 5 7ut86	cp200	All	All	All
Hardware	Siemens	Siprotec 5 7ut86	cp300	All	All	All
Operating System	Siemens	Siprotec 5 7ut86 Firmware	-	All	All	All
Hardware	Siemens	Siprotec 5 7ut87	cp200	All	All	All
Hardware	Siemens	Siprotec 5 7ut87	cp300	All	All	All
Operating System	Siemens	Siprotec 5 7ut87 Firmware	-	All	All	All
Hardware	Siemens	Siprotec 5 7ve85	cp300	All	All	All
Operating System	Siemens	Siprotec 5 7ve85 Firmware	-	All	All	All
Hardware	Siemens	Siprotec 5 7vk87	cp200	All	All	All
Hardware	Siemens	Siprotec 5 7vk87	cp300	All	All	All
Operating System	Siemens	Siprotec 5 7vk87 Firmware	-	All	All	All
Hardware	Siemens	Siprotec 5 Communication Module Ethba2el	-	All	All	All
Operating System	Siemens	Siprotec 5 Communication Module Ethba2el Firmware	-	All	All	All
Hardware	Siemens	Siprotec 5 Communication Module Ethbb2fo	-	All	All	All
Operating System	Siemens	Siprotec 5 Communication Module Ethbb2fo Firmware	-	All	All	All
Hardware	Siemens	Siprotec 5 Communication Module Ethbd2fo	-	All	All	All
Operating System	Siemens	Siprotec 5 Communication Module Ethbd2fo Firmware	-	All	All	All
Hardware	Siemens	Siprotec 5 Compact 7sx800	cp050	All	All	All
Operating System	Siemens	Siprotec 5 Compact 7sx800 Firmware	-	All	All	All

References

Reference	Source	Link	Tags
N/A	CONFIRM	cert-portal.siemens.com
cert-portal.siemens.com/productcert/html/ssa-552874.html		cert-portal.siemens.com
CVE Program record	CVE.ORG	www.cve.org	canonical
NVD vulnerability detail	NVD	nvd.nist.gov	canonical, analysis

No vendor comments have been submitted for this CVE.

Legacy QID Mappings

591258 Siemens SIPROTEC 5 Devices denDenial of Service (DoS) Vulnerability (ICSA-22-349-11, SSA-552874)