cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-38867,https://securityvulnerability.io/vulnerability/CVE-2024-38867,Security Weakness in SIPROTEC 5 Devices by Siemens,"Several SIPROTEC 5 devices by Siemens are affected by a vulnerability that allows unauthorized attackers to intercept and decrypt data transmitted over specific ports. This issue arises due to the support of weak ciphers on multiple communication channels, including those for web access and the DIGSI 5 utility. An attacker could exploit this weakness by positioning themselves in a man-in-the-middle scenario, leading potentially to unauthorized access to sensitive information transferred over the network.",Siemens,"Siprotec 5 6md84 (cp300),Siprotec 5 6md85 (cp200),Siprotec 5 6md85 (cp300),Siprotec 5 6md86 (cp200),Siprotec 5 6md86 (cp300),Siprotec 5 6md89 (cp300),Siprotec 5 6mu85 (cp300),Siprotec 5 7ke85 (cp200),Siprotec 5 7ke85 (cp300),Siprotec 5 7sa82 (cp100),Siprotec 5 7sa82 (cp150),Siprotec 5 7sa84 (cp200),Siprotec 5 7sa86 (cp200),Siprotec 5 7sa86 (cp300),Siprotec 5 7sa87 (cp200),Siprotec 5 7sa87 (cp300),Siprotec 5 7sd82 (cp100),Siprotec 5 7sd82 (cp150),Siprotec 5 7sd84 (cp200),Siprotec 5 7sd86 (cp200),Siprotec 5 7sd86 (cp300),Siprotec 5 7sd87 (cp200),Siprotec 5 7sd87 (cp300),Siprotec 5 7sj81 (cp100),Siprotec 5 7sj81 (cp150),Siprotec 5 7sj82 (cp100),Siprotec 5 7sj82 (cp150),Siprotec 5 7sj85 (cp200),Siprotec 5 7sj85 (cp300),Siprotec 5 7sj86 (cp200),Siprotec 5 7sj86 (cp300),Siprotec 5 7sk82 (cp100),Siprotec 5 7sk82 (cp150),Siprotec 5 7sk85 (cp200),Siprotec 5 7sk85 (cp300),Siprotec 5 7sl82 (cp100),Siprotec 5 7sl82 (cp150),Siprotec 5 7sl86 (cp200),Siprotec 5 7sl86 (cp300),Siprotec 5 7sl87 (cp200),Siprotec 5 7sl87 (cp300),Siprotec 5 7ss85 (cp200),Siprotec 5 7ss85 (cp300),Siprotec 5 7st85 (cp200),Siprotec 5 7st85 (cp300),Siprotec 5 7st86 (cp300),Siprotec 5 7sx82 (cp150),Siprotec 5 7sx85 (cp300),Siprotec 5 7um85 (cp300),Siprotec 5 7ut82 (cp100),Siprotec 5 7ut82 (cp150),Siprotec 5 7ut85 (cp200),Siprotec 5 7ut85 (cp300),Siprotec 5 7ut86 (cp200),Siprotec 5 7ut86 (cp300),Siprotec 5 7ut87 (cp200),Siprotec 5 7ut87 (cp300),Siprotec 5 7ve85 (cp300),Siprotec 5 7vk87 (cp200),Siprotec 5 7vk87 (cp300),Siprotec 5 7vu85 (cp300),Siprotec 5 Communication Module Eth-ba-2el (rev.1),Siprotec 5 Communication Module Eth-bb-2fo (rev. 1),Siprotec 5 Communication Module Eth-bd-2fo,Siprotec 5 Compact 7sx800 (cp050)",5.9,MEDIUM,0.0004299999854993075,false,,false,false,false,,false,false,2024-07-09T12:15:00.000Z,0
CVE-2023-28766,https://securityvulnerability.io/vulnerability/CVE-2023-28766,Denial of Service Vulnerability in Siemens SIPROTEC 5 Series,"A vulnerability in multiple models of the Siemens SIPROTEC 5 series has been discovered, where improper validation of HTTP request parameters in the hosted web service could allow an unauthenticated remote attacker to send specially crafted packets. This could lead to a denial of service condition, impacting the availability and proper functioning of the affected devices. Users are encouraged to review the versions affected and apply necessary updates to mitigate this security risk.",Siemens,"Siprotec 5 6md85 (cp300),Siprotec 5 6md86 (cp300),Siprotec 5 6md89 (cp300),Siprotec 5 6mu85 (cp300),Siprotec 5 7ke85 (cp300),Siprotec 5 7sa82 (cp100),Siprotec 5 7sa82 (cp150),Siprotec 5 7sa86 (cp300),Siprotec 5 7sa87 (cp300),Siprotec 5 7sd82 (cp100),Siprotec 5 7sd82 (cp150),Siprotec 5 7sd86 (cp300),Siprotec 5 7sd87 (cp300),Siprotec 5 7sj81 (cp100),Siprotec 5 7sj81 (cp150),Siprotec 5 7sj82 (cp100),Siprotec 5 7sj82 (cp150),Siprotec 5 7sj85 (cp300),Siprotec 5 7sj86 (cp300),Siprotec 5 7sk82 (cp100),Siprotec 5 7sk82 (cp150),Siprotec 5 7sk85 (cp300),Siprotec 5 7sl82 (cp100),Siprotec 5 7sl82 (cp150),Siprotec 5 7sl86 (cp300),Siprotec 5 7sl87 (cp300),Siprotec 5 7ss85 (cp300),Siprotec 5 7st85 (cp300),Siprotec 5 7st86 (cp300),Siprotec 5 7sx82 (cp150),Siprotec 5 7sx85 (cp300),Siprotec 5 7um85 (cp300),Siprotec 5 7ut82 (cp100),Siprotec 5 7ut82 (cp150),Siprotec 5 7ut85 (cp300),Siprotec 5 7ut86 (cp300),Siprotec 5 7ut87 (cp300),Siprotec 5 7ve85 (cp300),Siprotec 5 7vk87 (cp300),Siprotec 5 7vu85 (cp300),Siprotec 5 Communication Module Eth-ba-2el,Siprotec 5 Communication Module Eth-bb-2fo,Siprotec 5 Communication Module Eth-bd-2fo,Siprotec 5 Compact 7sx800 (cp050)",7.5,HIGH,0.0005099999834783375,false,,false,false,false,,false,false,2023-04-11T10:15:00.000Z,0
CVE-2022-45044,https://securityvulnerability.io/vulnerability/CVE-2022-45044,Denial of Service Vulnerability in SIPROTEC 5 by Siemens,"A vulnerability exists in various models of the SIPROTEC 5 series from Siemens, resulting from improper restrictions on secure client-initiated renegotiations within SSL and TLS protocols. This flaw can potentially enable attackers to launch denial of service attacks, causing disruption on designated ports (443/tcp and 4443/tcp). It is crucial for users of the affected products to apply relevant updates to ensure system integrity and availability.",Siemens,"Siprotec 5 6md84 (cp300),Siprotec 5 6md85 (cp200),Siprotec 5 6md85 (cp300),Siprotec 5 6md86 (cp200),Siprotec 5 6md86 (cp300),Siprotec 5 6md89 (cp300),Siprotec 5 6mu85 (cp300),Siprotec 5 7ke85 (cp200),Siprotec 5 7ke85 (cp300),Siprotec 5 7sa82 (cp100),Siprotec 5 7sa82 (cp150),Siprotec 5 7sa84 (cp200),Siprotec 5 7sa86 (cp200),Siprotec 5 7sa86 (cp300),Siprotec 5 7sa87 (cp200),Siprotec 5 7sa87 (cp300),Siprotec 5 7sd82 (cp100),Siprotec 5 7sd82 (cp150),Siprotec 5 7sd84 (cp200),Siprotec 5 7sd86 (cp200),Siprotec 5 7sd86 (cp300),Siprotec 5 7sd87 (cp200),Siprotec 5 7sd87 (cp300),Siprotec 5 7sj81 (cp100),Siprotec 5 7sj81 (cp150),Siprotec 5 7sj82 (cp100),Siprotec 5 7sj82 (cp150),Siprotec 5 7sj85 (cp200),Siprotec 5 7sj85 (cp300),Siprotec 5 7sj86 (cp200),Siprotec 5 7sj86 (cp300),Siprotec 5 7sk82 (cp100),Siprotec 5 7sk82 (cp150),Siprotec 5 7sk85 (cp200),Siprotec 5 7sk85 (cp300),Siprotec 5 7sl82 (cp100),Siprotec 5 7sl82 (cp150),Siprotec 5 7sl86 (cp200),Siprotec 5 7sl86 (cp300),Siprotec 5 7sl87 (cp200),Siprotec 5 7sl87 (cp300),Siprotec 5 7ss85 (cp200),Siprotec 5 7ss85 (cp300),Siprotec 5 7st85 (cp200),Siprotec 5 7st85 (cp300),Siprotec 5 7st86 (cp300),Siprotec 5 7sx82 (cp150),Siprotec 5 7sx85 (cp300),Siprotec 5 7um85 (cp300),Siprotec 5 7ut82 (cp100),Siprotec 5 7ut82 (cp150),Siprotec 5 7ut85 (cp200),Siprotec 5 7ut85 (cp300),Siprotec 5 7ut86 (cp200),Siprotec 5 7ut86 (cp300),Siprotec 5 7ut87 (cp200),Siprotec 5 7ut87 (cp300),Siprotec 5 7ve85 (cp300),Siprotec 5 7vk87 (cp200),Siprotec 5 7vk87 (cp300),Siprotec 5 7vu85 (cp300),Siprotec 5 Communication Module Eth-ba-2el,Siprotec 5 Communication Module Eth-bb-2fo,Siprotec 5 Communication Module Eth-bd-2fo,Siprotec 5 Compact 7sx800 (cp050)",5.3,MEDIUM,0.0004400000034365803,false,,false,false,false,,false,false,2022-12-13T00:00:00.000Z,0
CVE-2021-41769,https://securityvulnerability.io/vulnerability/CVE-2021-41769,,"A vulnerability has been identified in SIPROTEC 5 6MD85 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 6MD86 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 6MD89 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 6MU85 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7KE85 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7SA82 devices (CPU variant CP100) (All versions < V8.83), SIPROTEC 5 7SA86 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7SA87 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7SD82 devices (CPU variant CP100) (All versions < V8.83), SIPROTEC 5 7SD86 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7SD87 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7SJ81 devices (CPU variant CP100) (All versions < V8.83), SIPROTEC 5 7SJ82 devices (CPU variant CP100) (All versions < V8.83), SIPROTEC 5 7SJ85 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7SJ86 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7SK82 devices (CPU variant CP100) (All versions < V8.83), SIPROTEC 5 7SK85 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7SL82 devices (CPU variant CP100) (All versions < V8.83), SIPROTEC 5 7SL86 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7SL87 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7SS85 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7ST85 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7SX85 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7UM85 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7UT82 devices (CPU variant CP100) (All versions < V8.83), SIPROTEC 5 7UT85 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7UT86 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7UT87 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7VE85 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7VK87 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 Compact 7SX800 devices (CPU variant CP050) (All versions < V8.83). An improper input validation vulnerability in the web server could allow an unauthenticated user to access device information.",Siemens,"Siprotec 5 6md85 Devices (cpu Variant Cp300),Siprotec 5 6md86 Devices (cpu Variant Cp300),Siprotec 5 6md89 Devices (cpu Variant Cp300),Siprotec 5 6mu85 Devices (cpu Variant Cp300),Siprotec 5 7ke85 Devices (cpu Variant Cp300),Siprotec 5 7sa82 Devices (cpu Variant Cp100),Siprotec 5 7sa86 Devices (cpu Variant Cp300),Siprotec 5 7sa87 Devices (cpu Variant Cp300),Siprotec 5 7sd82 Devices (cpu Variant Cp100),Siprotec 5 7sd86 Devices (cpu Variant Cp300),Siprotec 5 7sd87 Devices (cpu Variant Cp300),Siprotec 5 7sj81 Devices (cpu Variant Cp100),Siprotec 5 7sj82 Devices (cpu Variant Cp100),Siprotec 5 7sj85 Devices (cpu Variant Cp300),Siprotec 5 7sj86 Devices (cpu Variant Cp300),Siprotec 5 7sk82 Devices (cpu Variant Cp100),Siprotec 5 7sk85 Devices (cpu Variant Cp300),Siprotec 5 7sl82 Devices (cpu Variant Cp100),Siprotec 5 7sl86 Devices (cpu Variant Cp300),Siprotec 5 7sl87 Devices (cpu Variant Cp300),Siprotec 5 7ss85 Devices (cpu Variant Cp300),Siprotec 5 7st85 Devices (cpu Variant Cp300),Siprotec 5 7sx85 Devices (cpu Variant Cp300),Siprotec 5 7um85 Devices (cpu Variant Cp300),Siprotec 5 7ut82 Devices (cpu Variant Cp100),Siprotec 5 7ut85 Devices (cpu Variant Cp300),Siprotec 5 7ut86 Devices (cpu Variant Cp300),Siprotec 5 7ut87 Devices (cpu Variant Cp300),Siprotec 5 7ve85 Devices (cpu Variant Cp300),Siprotec 5 7vk87 Devices (cpu Variant Cp300),Siprotec 5 Compact 7sx800 Devices (cpu Variant Cp050)",7.5,HIGH,0.001290000043809414,false,,false,false,false,,false,false,2022-01-11T11:27:16.000Z,0
CVE-2019-10930,https://securityvulnerability.io/vulnerability/CVE-2019-10930,,"A vulnerability has been identified in All other SIPROTEC 5 device types with CPU variants CP300 and CP100 and the respective Ethernet communication modules (All versions ), DIGSI 5 engineering software (All versions < V7.90), SIPROTEC 5 device types 6MD85, 6MD86, 6MD89, 7UM85, 7SA87, 7SD87, 7SL87, 7VK87, 7SA82, 7SA86, 7SD82, 7SD86, 7SL82, 7SL86, 7SJ86, 7SK82, 7SK85, 7SJ82, 7SJ85, 7UT82, 7UT85, 7UT86, 7UT87 and 7VE85 with CPU variants CP300 and CP100 and the respective Ethernet communication modules (All versions < V7.90), SIPROTEC 5 device types 7SS85 and 7KE85 (All versions < V8.01), SIPROTEC 5 device types with CPU variants CP200 and the respective Ethernet communication modules (All versions). A remote attacker could use specially crafted packets sent to port 443/TCP to upload, download or delete files in certain parts of the file system.",Siemens Ag,"All Other Siprotec 5 Device Types With Cpu Variants Cp300 And Cp100 And The Respective Ethernet Communication Modules,Digsi 5 Engineering Software,Siprotec 5 Device Types 6md85, 6md86, 6md89, 7um85, 7sa87, 7sd87, 7sl87, 7vk87, 7sa82, 7sa86, 7sd82, 7sd86, 7sl82, 7sl86, 7sj86, 7sk82, 7sk85, 7sj82, 7sj85, 7ut82, 7ut85, 7ut86, 7ut87 And 7ve85 With Cpu Variants Cp300 And Cp100 And The Respective Ethernet Communication Modules,Siprotec 5 Device Types 7ss85 And 7ke85,Siprotec 5 Device Types With Cpu Variants Cp200 And The Respective Ethernet Communication Modules",7.5,HIGH,0.0014700000174343586,false,,false,false,false,,false,false,2019-07-11T21:17:47.000Z,0
CVE-2019-10931,https://securityvulnerability.io/vulnerability/CVE-2019-10931,,"A vulnerability has been identified in All other SIPROTEC 5 device types with CPU variants CP300 and CP100 and the respective Ethernet communication modules (All versions ), DIGSI 5 engineering software (All versions < V7.90), SIPROTEC 5 device types 6MD85, 6MD86, 6MD89, 7UM85, 7SA87, 7SD87, 7SL87, 7VK87, 7SA82, 7SA86, 7SD82, 7SD86, 7SL82, 7SL86, 7SJ86, 7SK82, 7SK85, 7SJ82, 7SJ85, 7UT82, 7UT85, 7UT86, 7UT87 and 7VE85 with CPU variants CP300 and CP100 and the respective Ethernet communication modules (All versions < V7.90), SIPROTEC 5 device types 7SS85 and 7KE85 (All versions < V8.01), SIPROTEC 5 device types with CPU variants CP200 and the respective Ethernet communication modules (All versions < V7.59), SIPROTEC 5 relays with CPU variants CP200 and the respective Ethernet communication modules (All versions < V7.59). Specially crafted packets sent to port 443/TCP could cause a Denial of Service condition.",Siemens Ag,"All Other Siprotec 5 Device Types With Cpu Variants Cp300 And Cp100 And The Respective Ethernet Communication Modules,Digsi 5 Engineering Software,Siprotec 5 Device Types 6md85, 6md86, 6md89, 7um85, 7sa87, 7sd87, 7sl87, 7vk87, 7sa82, 7sa86, 7sd82, 7sd86, 7sl82, 7sl86, 7sj86, 7sk82, 7sk85, 7sj82, 7sj85, 7ut82, 7ut85, 7ut86, 7ut87 And 7ve85 With Cpu Variants Cp300 And Cp100 And The Respective Ethernet Communication Modules,Siprotec 5 Device Types 7ss85 And 7ke85,Siprotec 5 Device Types With Cpu Variants Cp200 And The Respective Ethernet Communication Modules,Siprotec 5 Relays With Cpu Variants Cp200 And The Respective Ethernet Communication Modules",7.5,HIGH,0.0010300000431016088,false,,false,false,false,,false,false,2019-07-11T21:17:47.000Z,0