CVE-2021-37206

Summary

A vulnerability has been identified in SIPROTEC 5 relays with CPU variants CP050 (All versions < V8.80), SIPROTEC 5 relays with CPU variants CP100 (All versions < V8.80), SIPROTEC 5 relays with CPU variants CP300 (All versions < V8.80). Received webpackets are not properly processed. An unauthenticated remote attacker with access to any of the Ethernet interfaces could send specially crafted packets to force a restart of the target device.

Affected Software

VendorProductVersion RangeStatus
SiemensSIPROTEC 5 relays with CPU variants CP050All versions < V8.80affected
SiemensSIPROTEC 5 relays with CPU variants CP100All versions < V8.80affected
SiemensSIPROTEC 5 relays with CPU variants CP300All versions < V8.80affected

Weaknesses

  • CWE-20: CWE-20: Improper Input Validation

ADP Enrichment

CVE Program Container

Additional References

References