CVE-2019-10931

A vulnerability has been identified in SIPROTEC 5 device types 6MD85, 6MD86, 6MD89, 7UM85, 7SA87, 7SD87, 7SL87, 7VK87, 7SA82, 7SA86, 7SD82, 7SD86, 7SL82, 7SL86, 7SJ86, 7SK82, 7SK85, 7SJ82, 7SJ85, 7UT82, 7UT85, 7UT86, 7UT87 and 7VE85 with CPU variants CP300 and CP100 and the respective Ethernet communication modules (All versions < V7.90), All other SIPROTEC 5 device types with CPU variants CP300 and CP100 and the respective Ethernet communication modules (All versions), SIPROTEC 5 relays with CPU variants CP200 and the respective Ethernet communication modules (All versions), DIGSI 5 engineering software (All versions < V7.90). Specially crafted packets sent to port 443/TCP could cause a Denial of Service condition.

Published : 2019-07-11 22:15 Updated : 2019-07-19 13:29

5.0
CVSS Score More info
Score 5.0 / 10
5.0
Vendor Product Version URI
Siemens Digsi 5 Engineering Software 7.90 cpe:/a:siemens:digsi_5_engineering_software:7.90
Siemens Siprotec 5 Digsi Device Driver 7.90 cpe:/a:siemens:siprotec_5_digsi_device_driver:7.90
  1. Siemens (2) Search CVE
    1. Siprotec 5 Digsi Device Driver (1) Search CVE
      1. 7.90
    2. Digsi 5 Engineering Software (1) Search CVE
      1. 7.90

CWE

ID Name Description Links
CWE-20 Improper Input Validation The product does not validate or incorrectly validates input that can affect the control flow or data flow of a program. CVE

History of changes

Date Event
2019-07-19 13:29
2019-07-11 22:15

New CVE