7.8
CVE-2018-11451
- EPSS 0.62%
- Veröffentlicht 23.07.2018 21:29:00
- Zuletzt bearbeitet 21.11.2024 03:43:23
- Quelle productcert@siemens.com
- Teams Watchlist Login
- Unerledigt Login
A vulnerability has been identified in Firmware variant IEC 61850 for EN100 Ethernet module (All versions < V4.33), Firmware variant PROFINET IO for EN100 Ethernet module (All versions), Firmware variant Modbus TCP for EN100 Ethernet module (All versions), Firmware variant DNP3 TCP for EN100 Ethernet module (All versions), Firmware variant IEC104 for EN100 Ethernet module (All versions < V1.22), SIPROTEC 5 relays with CPU variants CP300 and CP100 and the respective Ethernet communication modules (All versions < V7.80), SIPROTEC 5 relays with CPU variants CP200 and the respective Ethernet communication modules (All versions < V7.58). Specially crafted packets to port 102/tcp could cause a denial-of-service condition in the affected products. A manual restart is required to recover the EN100 module functionality of the affected devices. Successful exploitation requires an attacker with network access to send multiple packets to the affected products or modules. As a precondition the IEC 61850-MMS communication needs to be activated on the affected products or modules. No user interaction or privileges are required to exploit the vulnerability. The vulnerability could allow causing a Denial-of-Service condition of the network functionality of the device, compromising the availability of the system. At the time of advisory publication no public exploitation of this security vulnerability was known.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Siemens ≫ Dnp3 Tcp Firmware Version-
Siemens ≫ Iec 61850 Firmware Version < 4.33
Siemens ≫ Iec104 Firmware Version-
Siemens ≫ Modbus Tcp Firmware Version-
Siemens ≫ Profinet Io Firmware Version-
Siemens ≫ Cp100 Firmware Version < 7.80
Siemens ≫ 6md85 Version-
Siemens ≫ 6md86 Version-
Siemens ≫ 7ke85 Version-
Siemens ≫ 7sa82 Version-
Siemens ≫ 7sa86 Version-
Siemens ≫ 7sa87 Version-
Siemens ≫ 7sd82 Version-
Siemens ≫ 7sd86 Version-
Siemens ≫ 7sd87 Version-
Siemens ≫ 7sj82 Version-
Siemens ≫ 7sj85 Version-
Siemens ≫ 7sj86 Version-
Siemens ≫ 7sk82 Version-
Siemens ≫ 7sk85 Version-
Siemens ≫ 7sl82 Version-
Siemens ≫ 7sl86 Version-
Siemens ≫ 7sl87 Version-
Siemens ≫ 7ss85 Version-
Siemens ≫ 7um85 Version-
Siemens ≫ 7ut82 Version-
Siemens ≫ 7ut85 Version-
Siemens ≫ 7ut86 Version-
Siemens ≫ 7ut87 Version-
Siemens ≫ 7vk87 Version-
Siemens ≫ 6md86 Version-
Siemens ≫ 7ke85 Version-
Siemens ≫ 7sa82 Version-
Siemens ≫ 7sa86 Version-
Siemens ≫ 7sa87 Version-
Siemens ≫ 7sd82 Version-
Siemens ≫ 7sd86 Version-
Siemens ≫ 7sd87 Version-
Siemens ≫ 7sj82 Version-
Siemens ≫ 7sj85 Version-
Siemens ≫ 7sj86 Version-
Siemens ≫ 7sk82 Version-
Siemens ≫ 7sk85 Version-
Siemens ≫ 7sl82 Version-
Siemens ≫ 7sl86 Version-
Siemens ≫ 7sl87 Version-
Siemens ≫ 7ss85 Version-
Siemens ≫ 7um85 Version-
Siemens ≫ 7ut82 Version-
Siemens ≫ 7ut85 Version-
Siemens ≫ 7ut86 Version-
Siemens ≫ 7ut87 Version-
Siemens ≫ 7vk87 Version-
Siemens ≫ Cp200 Firmware Version-
Siemens ≫ 6md85 Version-
Siemens ≫ 6md86 Version-
Siemens ≫ 7ke85 Version-
Siemens ≫ 7sa82 Version-
Siemens ≫ 7sa86 Version-
Siemens ≫ 7sa87 Version-
Siemens ≫ 7sd82 Version-
Siemens ≫ 7sd86 Version-
Siemens ≫ 7sd87 Version-
Siemens ≫ 7sj82 Version-
Siemens ≫ 7sj85 Version-
Siemens ≫ 7sj86 Version-
Siemens ≫ 7sk82 Version-
Siemens ≫ 7sk85 Version-
Siemens ≫ 7sl82 Version-
Siemens ≫ 7sl86 Version-
Siemens ≫ 7sl87 Version-
Siemens ≫ 7ss85 Version-
Siemens ≫ 7um85 Version-
Siemens ≫ 7ut82 Version-
Siemens ≫ 7ut85 Version-
Siemens ≫ 7ut86 Version-
Siemens ≫ 7ut87 Version-
Siemens ≫ 7vk87 Version-
Siemens ≫ 6md86 Version-
Siemens ≫ 7ke85 Version-
Siemens ≫ 7sa82 Version-
Siemens ≫ 7sa86 Version-
Siemens ≫ 7sa87 Version-
Siemens ≫ 7sd82 Version-
Siemens ≫ 7sd86 Version-
Siemens ≫ 7sd87 Version-
Siemens ≫ 7sj82 Version-
Siemens ≫ 7sj85 Version-
Siemens ≫ 7sj86 Version-
Siemens ≫ 7sk82 Version-
Siemens ≫ 7sk85 Version-
Siemens ≫ 7sl82 Version-
Siemens ≫ 7sl86 Version-
Siemens ≫ 7sl87 Version-
Siemens ≫ 7ss85 Version-
Siemens ≫ 7um85 Version-
Siemens ≫ 7ut82 Version-
Siemens ≫ 7ut85 Version-
Siemens ≫ 7ut86 Version-
Siemens ≫ 7ut87 Version-
Siemens ≫ 7vk87 Version-
Siemens ≫ Cp300 Firmware Version < 7.80
Siemens ≫ 6md85 Version-
Siemens ≫ 6md86 Version-
Siemens ≫ 7ke85 Version-
Siemens ≫ 7sa82 Version-
Siemens ≫ 7sa86 Version-
Siemens ≫ 7sa87 Version-
Siemens ≫ 7sd82 Version-
Siemens ≫ 7sd86 Version-
Siemens ≫ 7sd87 Version-
Siemens ≫ 7sj82 Version-
Siemens ≫ 7sj85 Version-
Siemens ≫ 7sj86 Version-
Siemens ≫ 7sk82 Version-
Siemens ≫ 7sk85 Version-
Siemens ≫ 7sl82 Version-
Siemens ≫ 7sl86 Version-
Siemens ≫ 7sl87 Version-
Siemens ≫ 7ss85 Version-
Siemens ≫ 7um85 Version-
Siemens ≫ 7ut82 Version-
Siemens ≫ 7ut85 Version-
Siemens ≫ 7ut86 Version-
Siemens ≫ 7ut87 Version-
Siemens ≫ 7vk87 Version-
Siemens ≫ 6md86 Version-
Siemens ≫ 7ke85 Version-
Siemens ≫ 7sa82 Version-
Siemens ≫ 7sa86 Version-
Siemens ≫ 7sa87 Version-
Siemens ≫ 7sd82 Version-
Siemens ≫ 7sd86 Version-
Siemens ≫ 7sd87 Version-
Siemens ≫ 7sj82 Version-
Siemens ≫ 7sj85 Version-
Siemens ≫ 7sj86 Version-
Siemens ≫ 7sk82 Version-
Siemens ≫ 7sk85 Version-
Siemens ≫ 7sl82 Version-
Siemens ≫ 7sl86 Version-
Siemens ≫ 7sl87 Version-
Siemens ≫ 7ss85 Version-
Siemens ≫ 7um85 Version-
Siemens ≫ 7ut82 Version-
Siemens ≫ 7ut85 Version-
Siemens ≫ 7ut86 Version-
Siemens ≫ 7ut87 Version-
Siemens ≫ 7vk87 Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.62% | 0.689 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 3.9 | 3.6 |
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
|
| nvd@nist.gov | 7.8 | 10 | 6.9 |
AV:N/AC:L/Au:N/C:N/I:N/A:C
|
CWE-20 Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.