CVE-2024-52504
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A vulnerability has been identified in SIPROTEC 4 6MD61 (All versions), SIPROTEC 4 6MD63 (All versions), SIPROTEC 4 6MD66 (All versions), SIPROTEC 4 6MD665 (All versions), SIPROTEC 4 7SA522 (All versions), SIPROTEC 4 7SA6 (All versions < V4.78), SIPROTEC 4 7SD5 (All versions < V4.78), SIPROTEC 4 7SD610 (All versions < V4.78), SIPROTEC 4 7SJ61 (All versions), SIPROTEC 4 7SJ62 (All versions), SIPROTEC 4 7SJ63 (All versions), SIPROTEC 4 7SJ64 (All versions), SIPROTEC 4 7SJ66 (All versions), SIPROTEC 4 7SS52 (All versions), SIPROTEC 4 7ST6 (All versions), SIPROTEC 4 7UM61 (All versions), SIPROTEC 4 7UM62 (All versions), SIPROTEC 4 7UT612 (All versions), SIPROTEC 4 7UT613 (All versions), SIPROTEC 4 7UT63 (All versions), SIPROTEC 4 7VE6 (All versions), SIPROTEC 4 7VK61 (All versions), SIPROTEC 4 7VU683 (All versions), SIPROTEC 4 Compact 7RW80 (All versions), SIPROTEC 4 Compact 7SD80 (All versions), SIPROTEC 4 Compact 7SJ80 (All versions), SIPROTEC 4 Compact 7SJ81 (All versions), SIPROTEC 4 Compact 7SK80 (All versions), SIPROTEC 4 Compact 7SK81 (All versions). Affected devices do not properly handle interrupted operations of file transfer. This could allow an unauthenticated remote attacker to cause a denial of service condition. To restore normal operations, the devices need to be restarted.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Siemens | SIPROTEC 4 6MD61 | 0 < * | affected |
| Siemens | SIPROTEC 4 6MD63 | 0 < * | affected |
| Siemens | SIPROTEC 4 6MD66 | 0 < * | affected |
| Siemens | SIPROTEC 4 6MD665 | 0 < * | affected |
| Siemens | SIPROTEC 4 7SA522 | 0 < * | affected |
| Siemens | SIPROTEC 4 7SA6 | 0 < V4.78 | affected |
| Siemens | SIPROTEC 4 7SD5 | 0 < V4.78 | affected |
| Siemens | SIPROTEC 4 7SD610 | 0 < V4.78 | affected |
| Siemens | SIPROTEC 4 7SJ61 | 0 < * | affected |
| Siemens | SIPROTEC 4 7SJ62 | 0 < * | affected |
| Siemens | SIPROTEC 4 7SJ63 | 0 < * | affected |
| Siemens | SIPROTEC 4 7SJ64 | 0 < * | affected |
| Siemens | SIPROTEC 4 7SJ66 | 0 < * | affected |
| Siemens | SIPROTEC 4 7SS52 | 0 < * | affected |
| Siemens | SIPROTEC 4 7ST6 | 0 < * | affected |
| Siemens | SIPROTEC 4 7UM61 | 0 < * | affected |
| Siemens | SIPROTEC 4 7UM62 | 0 < * | affected |
| Siemens | SIPROTEC 4 7UT612 | 0 < * | affected |
| Siemens | SIPROTEC 4 7UT613 | 0 < * | affected |
| Siemens | SIPROTEC 4 7UT63 | 0 < * | affected |
| Siemens | SIPROTEC 4 7VE6 | 0 < * | affected |
| Siemens | SIPROTEC 4 7VK61 | 0 < * | affected |
| Siemens | SIPROTEC 4 7VU683 | 0 < * | affected |
| Siemens | SIPROTEC 4 Compact 7RW80 | 0 < * | affected |
| Siemens | SIPROTEC 4 Compact 7SD80 | 0 < * | affected |
| Siemens | SIPROTEC 4 Compact 7SJ80 | 0 < * | affected |
| Siemens | SIPROTEC 4 Compact 7SJ81 | 0 < * | affected |
| Siemens | SIPROTEC 4 Compact 7SK80 | 0 < * | affected |
| Siemens | SIPROTEC 4 Compact 7SK81 | 0 < * | affected |
Weaknesses
- CWE-754: CWE-754: Improper Check for Unusual or Exceptional Conditions
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: yes
- Technical Impact: partial
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.