QID 590713

Date Published: 2022-03-17

QID 590713: Siemens SIPROTEC 5 relays (Update A) Multiple Vulnerabilities (ICSA-21-257-10)

AFFECTED PRODUCTS
The following versions of SIPROTEC 5 relays are affected:
SIPROTEC 5 relays with CPU variants CP050: All versions prior to 8.80
SIPROTEC 5 relays with CPU variants CP100: All versions prior to 8.80
SIPROTEC 5 relays with CPU variants CP300: All versions prior to 8.80

QID Detection Logic (Authenticated):
QID checks for the Vulnerable version of using passive scanning

Successful exploitation of these vulnerabilities could allow an attacker to cause a denial-of-service condition or trigger a remote code execution.

  • CVSS V3 rated as Critical - 9.8 severity.
  • CVSS V2 rated as High - 7.5 severity.
  • Solution

    Customers are advised to refer to CERT MITIGATIONS section ICSA-21-257-10 for affected packages and patching details.

    Vendor References

    CVEs related to QID 590713

    Software Advisories
    Advisory ID Software Component Link
    ICSA-21-257-10 URL Logo www.us-cert.gov/ics/advisories/ICSA-21-257-10