- Description
- A vulnerability has been identified in firmware variant PROFINET IO for EN100 Ethernet module : All versions < V1.04.01; Firmware variant Modbus TCP for EN100 Ethernet module : All versions < V1.11.00; Firmware variant DNP3 TCP for EN100 Ethernet module : All versions < V1.03; Firmware variant IEC 104 for EN100 Ethernet module : All versions < V1.21; EN100 Ethernet module included in SIPROTEC Merging Unit 6MU80 : All versions < 1.02.02; SIPROTEC 7SJ686 : All versions < V 4.83; SIPROTEC 7UT686 : All versions < V 4.01; SIPROTEC 7SD686 : All versions < V 4.03; SIPROTEC 7SJ66 : All versions < V 4.20. The integrated web server (port 80/tcp) of the affected devices could allow remote attackers to obtain sensitive device information if network access was obtained.
- Source
- cve@mitre.org
- NVD status
- Modified
CVSS 3.0
- Type
- Primary
- Base score
- 5.3
- Impact score
- 1.4
- Exploitability score
- 3.9
- Vector string
- CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
- Severity
- MEDIUM
CVSS 2.0
- Type
- Primary
- Base score
- 5
- Impact score
- 2.9
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:N/A:N
- nvd@nist.gov
- CWE-200
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:siprotec_firmware:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D6A83974-66CD-409D-A309-568578F44A69"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:siprotec_compact_model_7rw80:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "2883847C-7500-4431-8EB9-0B7B4DABC4FD"
},
{
"criteria": "cpe:2.3:h:siemens:siprotec_compact_model_7sd80:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "72C34F7E-F579-4830-A5E9-F61F71142153"
},
{
"criteria": "cpe:2.3:h:siemens:siprotec_compact_model_7sj80:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "BF126B3F-B400-43B1-AC08-9458055B7449"
},
{
"criteria": "cpe:2.3:h:siemens:siprotec_compact_model_7sj81:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "73E3AAB3-A15B-4159-B7A2-EA70D216B620"
},
{
"criteria": "cpe:2.3:h:siemens:siprotec_compact_model_7sk80:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "EA7F273D-9E60-45AB-9BBD-434D45FA0608"
},
{
"criteria": "cpe:2.3:h:siemens:siprotec_compact_model_7sk81:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "411C805A-16C5-4430-8F23-2D5E4D5A423E"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:siprotec_4_en100:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "9D3FF8F1-73E6-4F1E-8222-E9191D6A764E"
},
{
"criteria": "cpe:2.3:h:siemens:siprotec_compact_model_en100:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "D7CE743D-D5A1-4E58-A8C8-1DC755286B54"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:siprotec_firmware:4.26:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1DB48800-BDF6-4BF9-8383-39693568CF67"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]