326 matches found
CVE-2025-40808
A vulnerability has been identified in SIPROTEC 5 6MD84 CP300 All versions, SIPROTEC 5 6MD85 CP200 All versions, SIPROTEC 5 6MD85 CP300 All versions, SIPROTEC 5 6MD86 CP200 All versions, SIPROTEC 5 6MD86 CP300 All versions, SIPROTEC 5 6MD89 CP300 All versions, SIPROTEC 5 6MU85 CP300 All versions,...
EUVD-2025-210083
A vulnerability has been identified in SIPROTEC 5 6MD84 CP300 All versions, SIPROTEC 5 6MD85 CP200 All versions, SIPROTEC 5 6MD85 CP300 All versions, SIPROTEC 5 6MD86 CP200 All versions, SIPROTEC 5 6MD86 CP300 All versions, SIPROTEC 5 6MD89 CP300 All versions, SIPROTEC 5 6MU85 CP300 All versions,...
CVE-2025-40808
A vulnerability has been identified in SIPROTEC 5 6MD84 CP300 All versions, SIPROTEC 5 6MD85 CP200 All versions, SIPROTEC 5 6MD85 CP300 All versions, SIPROTEC 5 6MD86 CP200 All versions, SIPROTEC 5 6MD86 CP300 All versions, SIPROTEC 5 6MD89 CP300 All versions, SIPROTEC 5 6MU85 CP300 All versions,...
CVE-2025-40808
The vulnerability CVE-2025-40808 affects SIPROTEC 5 line hardware (multiple models listed) where the affected application allows authenticated users to upload arbitrary files via the DIGSI 5 protocol. This could result in uploading malicious configuration files, potentially causing denial of serv...
PT-2026-47728
A vulnerability has been identified in SIPROTEC 5 6MD84 CP300 All versions, SIPROTEC 5 6MD85 CP200 All versions, SIPROTEC 5 6MD85 CP300 All versions, SIPROTEC 5 6MD86 CP200 All versions, SIPROTEC 5 6MD86 CP300 All versions, SIPROTEC 5 6MD89 CP300 All versions, SIPROTEC 5 6MU85 CP300 All versions,...
CVE-2024-54017
A vulnerability has been identified in SIPROTEC 5 6MD84 CP300 All versions = V7.80 = V7.80 = V7.80 = V7.80 = V7.80 = V7.80, SIPROTEC 5 7SA82 CP150 All versions = V7.80 = V7.80 = V7.80, SIPROTEC 5 7SD82 CP150 All versions = V7.80 = V7.80 = V7.80, SIPROTEC 5 7SJ81 CP150 All versions = V7.80, SIPROT...
EUVD-2024-55574
A vulnerability has been identified in SIPROTEC 5 6MD84 CP300 All versions = V7.80 = V7.80 = V7.80 = V7.80 = V7.80 = V7.80, SIPROTEC 5 7SA82 CP150 All versions = V7.80 = V7.80 = V7.80, SIPROTEC 5 7SD82 CP150 All versions = V7.80 = V7.80 = V7.80, SIPROTEC 5 7SJ81 CP150 All versions = V7.80, SIPROT...
CVE-2024-54017
A vulnerability has been identified in SIPROTEC 5 6MD84 CP300 All versions = V7.80 = V7.80 = V7.80 = V7.80 = V7.80 = V7.80, SIPROTEC 5 7SA82 CP150 All versions = V7.80 = V7.80 = V7.80, SIPROTEC 5 7SD82 CP150 All versions = V7.80 = V7.80 = V7.80, SIPROTEC 5 7SJ81 CP150 All versions = V7.80, SIPROT...
CVE-2024-54017
A vulnerability has been identified in SIPROTEC 5 6MD84 CP300 All versions = V7.80 = V7.80 = V7.80 = V7.80 = V7.80 = V7.80, SIPROTEC 5 7SA82 CP150 All versions = V7.80 = V7.80 = V7.80, SIPROTEC 5 7SD82 CP150 All versions = V7.80 = V7.80 = V7.80, SIPROTEC 5 7SJ81 CP150 All versions = V7.80, SIPROT...
CVE-2024-54017
A vulnerability has been identified in SIPROTEC 5 6MD84 CP300 All versions = V7.80 = V7.80 = V7.80 = V7.80 = V7.80 = V7.80, SIPROTEC 5 7SA82 CP150 All versions = V7.80 = V7.80 = V7.80, SIPROTEC 5 7SD82 CP150 All versions = V7.80 = V7.80 = V7.80, SIPROTEC 5 7SJ81 CP150 All versions = V7.80, SIPROT...
CVE-2024-54017
A vulnerability has been identified in SIPROTEC 5 6MD84 CP300 All versions = V7.80 = V7.80 = V7.80 = V7.80 = V7.80 = V7.80, SIPROTEC 5 7SA82 CP150 All versions = V7.80 = V7.80 = V7.80, SIPROTEC 5 7SD82 CP150 All versions = V7.80 = V7.80 = V7.80, SIPROTEC 5 7SJ81 CP150 All versions = V7.80, SIPROT...
PT-2026-39977
Name of the Vulnerable Software and Affected Versions SIPROTEC 5 6MD84 CP300 versions prior to V11.0 SIPROTEC 5 6MD85 CP200 affected versions not specified SIPROTEC 5 6MD85 CP300 versions V7.80 through V11.0 SIPROTEC 5 6MD86 CP200 affected versions not specified SIPROTEC 5 6MD86 CP300 versions...
Siemens SIPROTEC 5
SUMMARY The SIPROTEC 5 devices do not use sufficiently random numbers to generate session identifiers. This could facilitate a brute-force attack against a valid session identifier which could allow an unauthenticated remote attacker to hijack a valid user session. The affected session...
CVE-2021-33719
A vulnerability has been identified in SIPROTEC 5 relays with CPU variants CP050 All versions V8.80, SIPROTEC 5 relays with CPU variants CP100 All versions V8.80, SIPROTEC 5 relays with CPU variants CP300 All versions V8.80. Specially crafted packets sent to port 4443/tcp could cause a...
CVE-2025-40570
A vulnerability has been identified in SIPROTEC 5 6MD84 CP300 All versions = V7.80 = V7.80 = V7.80 = V7.80 = V7.80 = V7.80 = V7.80 = V7.80 = V7.80 = V7.80 = V7.80 = V7.80 = V7.80 = V7.80 = V7.80 V10.0, SIPROTEC 5 7ST85 CP300 All versions V10.0, SIPROTEC 5 7ST86 CP300 All versions V10.0, SIPROTEC ...
CVE-2025-40742
A vulnerability has been identified in SIPROTEC 5 6MD84 CP300 All versions V11.0, SIPROTEC 5 6MD85 CP200 All versions, SIPROTEC 5 6MD85 CP300 All versions V11.0, SIPROTEC 5 6MD86 CP200 All versions, SIPROTEC 5 6MD86 CP300 All versions V11.0, SIPROTEC 5 6MD89 CP300 All versions V11.0, SIPROTEC 5...
Siemens SIPROTEC Inadequate Encryption Strength (CVE-2024-38867)
The affected devices are supporting weak ciphers on several ports 443/tcp for web, 4443/tcp for DIGSI 5 and configurable port for syslog over TLS. This could allow an unauthorized attacker in a man-in-the-middle position to decrypt any data passed over to and from those ports. This plugin only...
Siemens SIPROTEC 5 Allocation of Resources Without Limits or Throttling (CVE-2025-40570)
Affected devices do not properly limit the bandwidth for incoming network packets over their local USB port. This could allow an attacker with physical access to send specially crafted packets with high bandwidth to the affected devices thus forcing them to exhaust their memory and stop respondin...
Siemens SIPROTEC 5 Use of Get Request Method with Sensitive Query Strings (CVE-2025-40742)
The affected devices include session identifiers in URL requests for certain functionalities. This could allow an attacker to retrieve sensitive session data from browser history, logs, or other storage mechanisms, potentially leading to unauthorized access. This plugin only works with Tenable.ot...
Siemens SIPROTEC 4 and SIPROTEC 4 Compact Improper Check For Unusual or Exceptional Conditions (CVE-2024-52504)
Affected devices do not properly handle interrupted operations of file transfer. This could allow an unauthenticated remote attacker to cause a denial of service condition. To restore normal operations, the devices need to be restarted. This plugin only works with Tenable.ot. Please visit...