Vulnerability Details CVE-2021-37206
A vulnerability has been identified in SIPROTEC 5 relays with CPU variants CP050 (All versions < V8.80), SIPROTEC 5 relays with CPU variants CP100 (All versions < V8.80), SIPROTEC 5 relays with CPU variants CP300 (All versions < V8.80). Received webpackets are not properly processed. An unauthenticated remote attacker with access to any of the Ethernet interfaces could send specially crafted packets to force a restart of the target device.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.006
EPSS Ranking 67.8%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
References
Products affected by CVE-2021-37206
-
cpe:2.3:o:siemens:siprotec_5_with_cpu_variant_cp050:*
-
cpe:2.3:o:siemens:siprotec_5_with_cpu_variant_cp100:7.82
-
cpe:2.3:o:siemens:siprotec_5_with_cpu_variant_cp300:7.82