K45062506: Siemens Ethernet card DoS vulnerabilities CVE-2018-11451 and CVE-2018-11452

Security Advisory Description CVE-2018-11451 A vulnerability has been identified in Firmware variant IEC 61850 for EN100 Ethernet module All versions V4.33, Firmware variant PROFINET IO for EN100 Ethernet module All versions, Firmware variant Modbus TCP for EN100 Ethernet module All versions,...

Siemens Dnp3 Improper Input Validation

A vulnerability has been identified in Firmware variant IEC 61850 for EN100 Ethernet module All versions V4.33, Firmware variant PROFINET IO for EN100 Ethernet module All versions, Firmware variant Modbus TCP for EN100 Ethernet module All versions, Firmware variant DNP3 TCP for EN100 Ethernet...

Siemens EN100 Ethernet Communication Module Denial of Service Vulnerability

Siemens EN100 Ethernet Communication Module is an Ethernet module from Siemens, Germany. A denial of service vulnerability exists in the Siemens EN100 Ethernet Communication Module. An attacker can exploit this vulnerability by sending specially crafted packets to port 102/tcp while oscillographs...

Design/Logic Flaw

A vulnerability has been identified in Firmware variant IEC 61850 for EN100 Ethernet module All versions V4.33, Firmware variant PROFINET IO for EN100 Ethernet module All versions, Firmware variant Modbus TCP for EN100 Ethernet module All versions, Firmware variant DNP3 TCP for EN100 Ethernet...

CVE-2018-11452

A vulnerability has been identified in Firmware variant IEC 61850 for EN100 Ethernet module All versions V4.33, Firmware variant PROFINET IO for EN100 Ethernet module All versions, Firmware variant Modbus TCP for EN100 Ethernet module All versions, Firmware variant DNP3 TCP for EN100 Ethernet...

CVE-2018-11452

CVE-2018-11452 affects Siemens EN100 Ethernet Module firmware variants (IEC 61850, PROFINET IO, Modbus TCP, DNP3 TCP, IEC104). The root cause is an improper handling of crafted packets to port 102/TCP that can trigger a Denial-of-Service condition when oscillographs are running, compromising avai...

ICSA-18-347-02 Siemens EN100 Ethernet Communication Module and SIPROTEC 5 Relays (Update A)

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: EN100 Ethernet Communication Module and SIPROTEC 5 relays Vulnerabilities: Improper Input Validation 2. UPDATE INFORMATION This updated advisory is a follow-up to the original...