CVE-2021-37206
CVE-2021-37206
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS —EPSS 1.4%KEV nãoPoC —Nuclei —Metasploit —Patch —
Lifecycle
14 Sep 2021Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
A vulnerability has been identified in SIPROTEC 5 relays with CPU variants CP050 (All versions < V8.80), SIPROTEC 5 relays with CPU variants CP100 (All versions < V8.80), SIPROTEC 5 relays with CPU variants CP300 (All versions < V8.80). Received webpackets are not properly processed. An unauthenticated remote attacker with access to any of the Ethernet interfaces could send specially crafted packets to force a restart of the target device.
Affected products
Siemens · SIPROTEC 5 relays with CPU variants CP050Siemens · SIPROTEC 5 relays with CPU variants CP100Siemens · SIPROTEC 5 relays with CPU variants CP300Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →