QID 591258

Date Published: 2023-01-06

QID 591258: Siemens SIPROTEC 5 Devices denDenial of Service (DoS) Vulnerability (ICSA-22-349-11, SSA-552874)

AFFECTED PRODUCTS
SIPROTEC 5 6MD85 devices (CPU variant CP200): All versions.
SIPROTEC 5 6MD85 devices (CPU variant CP300): All versions.
SIPROTEC 5 6MD86 devices (CPU variant CP200): All versions.
SIPROTEC 5 6MD86 devices (CPU variant CP300): All versions.
SIPROTEC 5 6MD89 devices (CPU variant CP300): All versions.
SIPROTEC 5 6MU85 devices (CPU variant CP300): All versions.
SIPROTEC 5 7KE85 devices (CPU variant CP200): All versions.
SIPROTEC 5 7KE85 devices (CPU variant CP300): All versions.
SIPROTEC 5 7SA82 devices (CPU variant CP100): All versions.
SIPROTEC 5 7SA82 devices (CPU variant CP150): All versions.
SIPROTEC 5 7SA86 devices (CPU variant CP200): All versions.
SIPROTEC 5 7SA86 devices (CPU variant CP300): All versions.
SIPROTEC 5 7SA87 devices (CPU variant CP200): All versions.
SIPROTEC 5 7SA87 devices (CPU variant CP300): All versions.
SIPROTEC 5 7SD82 devices (CPU variant CP100): All versions.
SIPROTEC 5 7SD82 devices (CPU variant CP150): All versions.
SIPROTEC 5 7SD86 devices (CPU variant CP200): All versions.
SIPROTEC 5 7SD86 devices (CPU variant CP300): All versions.
SIPROTEC 5 7SD87 devices (CPU variant CP200): All versions.
SIPROTEC 5 7SD87 devices (CPU variant CP300): All versions.
SIPROTEC 5 7SJ81 devices (CPU variant CP100): All versions.
SIPROTEC 5 7SJ81 devices (CPU variant CP150): All versions.
SIPROTEC 5 7SJ82 devices (CPU variant CP100): All versions.
SIPROTEC 5 7SJ82 devices (CPU variant CP150): All versions.
SIPROTEC 5 7SJ85 devices (CPU variant CP200): All versions.
SIPROTEC 5 7SJ85 devices (CPU variant CP300): All versions.
SIPROTEC 5 7SJ86 devices (CPU variant CP200): All versions.
SIPROTEC 5 7SJ86 devices (CPU variant CP300): All versions.
SIPROTEC 5 7SK82 devices (CPU variant CP100): All versions.
SIPROTEC 5 7SK82 devices (CPU variant CP150): All versions.
SIPROTEC 5 7SK85 devices (CPU variant CP200): All versions.
SIPROTEC 5 7SK85 devices (CPU variant CP300): All versions.
SIPROTEC 5 7SL82 devices (CPU variant CP100): All versions.
SIPROTEC 5 7SL82 devices (CPU variant CP150): All versions.
SIPROTEC 5 7SL86 devices (CPU variant CP200): All versions.
SIPROTEC 5 7SL86 devices (CPU variant CP300): All versions.
SIPROTEC 5 7SL87 devices (CPU variant CP200): All versions.
SIPROTEC 5 7SL87 devices (CPU variant CP300): All versions.
SIPROTEC 5 7SS85 devices (CPU variant CP200): All versions.
SIPROTEC 5 7SS85 devices (CPU variant CP300): All versions.
SIPROTEC 5 7ST85 devices (CPU variant CP200): All versions.
SIPROTEC 5 7ST85 devices (CPU variant CP300): All versions.
SIPROTEC 5 7SX85 devices (CPU variant CP300): All versions.
SIPROTEC 5 7UM85 devices (CPU variant CP300): All versions.
SIPROTEC 5 7UT82 devices (CPU variant CP100): All versions.
SIPROTEC 5 7UT82 devices (CPU variant CP150): All versions.
SIPROTEC 5 7UT85 devices (CPU variant CP200): All versions.
SIPROTEC 5 7UT85 devices (CPU variant CP300): All versions.
SIPROTEC 5 7UT86 devices (CPU variant CP200): All versions.
SIPROTEC 5 7UT86 devices (CPU variant CP300): All versions.
SIPROTEC 5 7UT87 devices (CPU variant CP200): All versions.
SIPROTEC 5 7UT87 devices (CPU variant CP300): All versions.
SIPROTEC 5 7VE85 devices (CPU variant CP300): All versions.
SIPROTEC 5 7VK87 devices (CPU variant CP200): All versions.
SIPROTEC 5 7VK87 devices (CPU variant CP300): All versions.
SIPROTEC 5 Communication Module ETH-BA-2EL: All versions.
SIPROTEC 5 Communication Module ETH-BB-2FO: All versions.
SIPROTEC 5 Communication Module ETH-BD-2FO: All versions.
SIPROTEC 5 Compact 7SX800 devices (CPU variant CP050): All versions.

QID Detection Logic:
This QID checks for the Vulnerable version of Siemens SIPROTEC 5 Devices using passive scanning

Successful exploitation of this vulnerability could allow an attacker to create a denial-of-service condition on ports 443/TCP and 4443/TCP for a duration.

CVSS V3 rated as High - 7.5 severity.

CVSS V2 rated as Medium - 5 severity.

Solution

Customers are advised to refer to CERT MITIGATIONS section ICSA-22-349-11 or Schneider Electric MITIGATIONS section SSA-552874 for affected packages and patching details.

Vendor References

ICSA-22-349-11 - www.cisa.gov/uscert/ics/advisories/icsa-22-349-11

CVEs related to QID 591258

CVE-2022-45044 |

Software Advisories

Advisory ID	Software	Component	Link

By selecting these links, you may be leaving CVEreport webspace. We have provided these links to other websites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other websites that are more appropriate for your purpose. CVEreport does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, CVEreport does not endorse any commercial products that may be mentioned on these sites. Please address comments about any linked pages to [email protected].