CVE-2021-41769

Published: 11/01/2022 Updated: 19/01/2022

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9

VMScore: 445

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

A vulnerability has been identified in SIPROTEC 5 6MD85 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 6MD86 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 6MD89 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 6MU85 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7KE85 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7SA82 devices (CPU variant CP100) (All versions < V8.83), SIPROTEC 5 7SA86 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7SA87 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7SD82 devices (CPU variant CP100) (All versions < V8.83), SIPROTEC 5 7SD86 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7SD87 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7SJ81 devices (CPU variant CP100) (All versions < V8.83), SIPROTEC 5 7SJ82 devices (CPU variant CP100) (All versions < V8.83), SIPROTEC 5 7SJ85 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7SJ86 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7SK82 devices (CPU variant CP100) (All versions < V8.83), SIPROTEC 5 7SK85 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7SL82 devices (CPU variant CP100) (All versions < V8.83), SIPROTEC 5 7SL86 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7SL87 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7SS85 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7ST85 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7SX85 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7UM85 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7UT82 devices (CPU variant CP100) (All versions < V8.83), SIPROTEC 5 7UT85 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7UT86 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7UT87 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7VE85 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7VK87 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 Compact 7SX800 devices (CPU variant CP050) (All versions < V8.83). An improper input validation vulnerability in the web server could allow an unauthenticated user to access device information.

Vulnerable Product	Search on Vulmon	Subscribe to Product
siemens 6md85 firmware
siemens 6md86 firmware
siemens 6md89 firmware
siemens 6mu85 firmware
siemens 7ke85 firmware
siemens 7sa82 firmware
siemens 7sa86 firmware
siemens 7sa87 firmware
siemens 7sd82 firmware
siemens 7sd86 firmware
siemens 7sd87 firmware
siemens 7sj81 firmware
siemens 7sj82 firmware
siemens 7sj85 firmware
siemens 7sj86 firmware
siemens 7sk82 firmware
siemens 7sk85 firmware
siemens 7sl82 firmware
siemens 7sl86 firmware
siemens 7sl87 firmware
siemens 7ss85 firmware
siemens 7st85 firmware
siemens 7sx800 firmware
siemens 7sx85 firmware
siemens 7um85 firmware
siemens 7ut82 firmware
siemens 7ut85 firmware
siemens 7ut86 firmware
siemens 7ut87 firmware
siemens 7ve85 firmware
siemens 7vk87 firmware

Critical Infrastructure Sectors: Energy

CWE-20 https://cert-portal.siemens.com/productcert/pdf/ssa-439673.pdf https://nvd.nist.gov https://www.cisa.gov/uscert/ics/advisories/icsa-22-013-04

CVE-2021-41769

Vulnerability Summary

Vulnerability Trend

ICS Advisories

References

Vulmon Search

About

Products

Connect