19 matches found
Siemens SIPROTEC 4 and SIPROTEC 4 Compact Improper Check For Unusual or Exceptional Conditions (CVE-2024-52504)
Affected devices do not properly handle interrupted operations of file transfer. This could allow an unauthenticated remote attacker to cause a denial of service condition. To restore normal operations, the devices need to be restarted. This plugin only works with Tenable.ot. Please visit...
Siemens多款产品 代码问题漏洞
Siemens SIPROTEC 4 is a multifunction relay from Siemens Germany. A code issue vulnerability exists in various Siemens products that stems from mishandling of a file transfer operation, which could result in a denial of service. The following products are affected: SIPROTEC 4 6MD61, 6MD63, 6MD66,...
Siemens SIPROTEC 4 7SJ66
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...
CVE-2019-19279
CVE-2019-19279 affects Siemens SIPROTEC 4 and SIPROTEC Compact relays with EN100 Ethernet modules (all versions). The issue is caused by sending specially crafted packets to UDP port 50000, which can trigger a network-denial-of-service on the affected device. Recovery requires a manual reboot. At...
CVE-2019-19279
A vulnerability has been identified in SIPROTEC 4 and SIPROTEC Compact relays equipped with EN100 Ethernet communication modules All versions. Specially crafted packets sent to port 50000/UDP of the EN100 Ethernet communication modules could cause a Denial-of-Service of the affected device. A...
Siemens EN100 Ethernet Module (Update A)
1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: EN100 Ethernet Module Vulnerabilities: Improper Restriction of Operations within the Bounds of a Memory Buffer, Cross-site Scripting, Relative Path Traversal 2. UPDATE...
ICSA-18-067-02_Siemens SIPROTEC 4, SIPROTEC Compact, and Reyrolle Devices using the EN100 Ethernet Communication Module Extension (Update B)
1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SIPROTEC 4, SIPROTEC Compact, and Reyrolle devices using the EN100 Ethernet communication module extension Vulnerability: Missing Authentication for Critical Function 2. UPDATE...
Siemens SIPROTEC 4 and SIPROTEC Compact EN100 Ethernet Module < 4.25 - Denial of Service Exploit
Exploit for hardware platform in category dos / poc Exploit Title: Siemens SIPROTEC 4 and SIPROTEC Compact EN100 Ethernet Module V4.25 - Denial of Service Exploit Author: M. Can Kurnaz Contact: https://twitter.com/0x43414e Vendor Homepage: https://www.siemens.com Version: All devices that include...
Siemens SIPROTEC 4 / Compact EN100 Ethernet Module Denial Of Service
Exploit Title: Siemens SIPROTEC 4 and SIPROTEC Compact EN100 Ethernet Module V4.25 - Denial of Service Date: 14.02.2018 Exploit Author: M. Can Kurnaz Contact: https://twitter.com/0x43414e Vendor Homepage: https://www.siemens.com Version: All devices that include the EN100 Ethernet module version...
Siemens SIPROTEC 4 and SIPROTEC Compact EN100 Ethernet Module < 4.25 - Denial of Service
Exploit Title: Siemens SIPROTEC 4 and SIPROTEC Compact EN100 Ethernet Module V4.25 - Denial of Service Date: 14.02.2018 Exploit Author: M. Can Kurnaz Contact: https://twitter.com/0x43414e Vendor Homepage: https://www.siemens.com Version: All devices that include the EN100 Ethernet module version...
Siemens SIPROTEC 4 and SIPROTEC Compact (Update D)
CVSS v3 8.6 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: Siemens Equipment: SIPROTEC 4 and SIPROTEC Compact Vulnerabilities: Improper Input Validation, Missing Authorization, Improper Authentication UPDATE INFORMATION This updated advisory is a follow-up to the updated...
Siemens SIPROTEC 4 and SIPROTEC Compact (Update B)
CVSS v3 8.6 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: Siemens Equipment: SIPROTEC 4 and SIPROTEC Compact Vulnerabilities: Improper Input Validation, Missing Authorization, Improper Authentication UPDATE INFORMATION This updated advisory is a follow-up to the updated...
Siemens SIPROTEC 4 and SIPROTEC Compact (Update A)
CVSS v3 8.6 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: Siemens Equipment: SIPROTEC 4 and SIPROTEC Compact Vulnerabilities: Improper Input Validation, Missing Authorization, Improper Authentication UPDATE INFORMATION This updated advisory is a follow-up to the original...
Siemens SIPROTEC 4 and SIPROTEC Compact (Update C)
CVSS v3 8.6 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: Siemens Equipment: SIPROTEC 4 and SIPROTEC Compact Vulnerabilities: Improper Input Validation, Missing Authorization, Improper Authentication UPDATE INFORMATION This updated advisory is a follow-up to the updated...
Siemens SIPROTEC 4/SIPROTEC Compact Denial of Service Vulnerability
SIPROTEC 4 and SIPROTEC Compact devices provide a wide range of centralized protection, control and automation functions for substations and other applications. A denial of service vulnerability exists in Siemens SIPROTEC 4, SIPROTEC Compact devices, versions prior to EN100 Ethernet 4.29. A remot...
Microprogramming software for Siemens SIPROTEC 4 relay protection microprocessors
The vulnerability of the software of the Siemens SIPROTEC 4 relay protection micro-processor terminal allows a remote attacker to cause a malfunction of the micro-processor terminal by sending a specially crafted UDP packet to port 50000. This causes the micro-processor terminal to cease...
Siemens SIPROTEC 4 and SIPROTEC Compact Vulnerabilities
OVERVIEW Siemens reports that they have released a firmware update for SIPROTEC 4 and SIPROTEC Compact devices to mitigate authentication bypass and resource exhaustion vulnerabilities. Kirill Nesterov and Anatoly Katushin from Kaspersky Lab reported some of these vulnerabilities directly to...
Siemens SIPROTEC 4和SIPROTEC Compact EN100模块拒绝服务漏洞
No description provided by source...
Siemens multiple products there is a security problem, the part of the patch has been released-vulnerability warning-the black bar safety net
Siemens recently released software and firmware security update, saying the company multiple products there are security issues, users are advised to update ASAP. ICS-CERT and Siemens announcement that the SIPROTEC 4 and SIPROTEC Compact devices recently have been affected by the vulnerability...