Information disclosure in Siemens SIPROTEC 5 Devices
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 1 |
| CVE-ID | CVE-2024-38867 |
| CWE-ID | CWE-326 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software |
SIPROTEC 5 7SA82 (CP100) Hardware solutions / Firmware SIPROTEC 5 7SD82 (CP100) Hardware solutions / Firmware SIPROTEC 5 7SL82 (CP100) Hardware solutions / Firmware SIPROTEC 5 7UT82 (CP100) Hardware solutions / Firmware SIPROTEC 5 6MD85 (CP200) Hardware solutions / Firmware SIPROTEC 5 6MD86 (CP200) Hardware solutions / Firmware SIPROTEC 5 7KE85 (CP200) Hardware solutions / Firmware SIPROTEC 5 7SA86 (CP200) Hardware solutions / Firmware SIPROTEC 5 7SA87 (CP200) Hardware solutions / Firmware SIPROTEC 5 7SD84 (CP200) Hardware solutions / Firmware SIPROTEC 5 7SD86 (CP200) Hardware solutions / Firmware SIPROTEC 5 7SD87 (CP200) Hardware solutions / Firmware SIPROTEC 5 7SJ85 (CP200) Hardware solutions / Firmware SIPROTEC 5 7SJ86 (CP200) Hardware solutions / Firmware SIPROTEC 5 7SK85 (CP200) Hardware solutions / Firmware SIPROTEC 5 7SL86 (CP200) Hardware solutions / Firmware SIPROTEC 5 7SL87 (CP200) Hardware solutions / Firmware SIPROTEC 5 7SS85 (CP200) Hardware solutions / Firmware SIPROTEC 5 7ST85 (CP200) Hardware solutions / Firmware SIPROTEC 5 7UT85 (CP200) Hardware solutions / Firmware SIPROTEC 5 7UT86 (CP200) Hardware solutions / Firmware SIPROTEC 5 7UT87 (CP200) Hardware solutions / Firmware SIPROTEC 5 7VK87 (CP200) Hardware solutions / Firmware SIPROTEC 5 7SJ81 (CP100) Hardware solutions / Firmware SIPROTEC 5 7SJ82 (CP100) Hardware solutions / Firmware SIPROTEC 5 7SK82 (CP100) Hardware solutions / Firmware SIPROTEC 5 7SA82 (CP150) Hardware solutions / Firmware SIPROTEC 5 7SD82 (CP150) Hardware solutions / Firmware SIPROTEC 5 7SJ81 (CP150) Hardware solutions / Firmware SIPROTEC 5 7SJ82 (CP150) Hardware solutions / Firmware SIPROTEC 5 7SK82 (CP150) Hardware solutions / Firmware SIPROTEC 5 7SL82 (CP150) Hardware solutions / Firmware SIPROTEC 5 7SX82 (CP150) Hardware solutions / Firmware SIPROTEC 5 7VU85 (CP300) Hardware solutions / Firmware SIPROTEC 5 7SA84 (CP200) Hardware solutions / Other hardware appliances SIPROTEC 5 Communication Module ETH-BA-2EL Hardware solutions / Routers & switches, VoIP, GSM, etc SIPROTEC 5 Communication Module ETH-BB-2FO Hardware solutions / Routers & switches, VoIP, GSM, etc SIPROTEC 5 Communication Module ETH-BD-2FO Hardware solutions / Routers & switches, VoIP, GSM, etc SIPROTEC 5 Compact 7SX800 (CP050) Hardware solutions / Routers & switches, VoIP, GSM, etc SIPROTEC 5 6MD85 (CP300) Hardware solutions / Routers & switches, VoIP, GSM, etc SIPROTEC 5 6MD86 (CP300) Hardware solutions / Routers & switches, VoIP, GSM, etc SIPROTEC 5 6MD89 (CP300) Hardware solutions / Routers & switches, VoIP, GSM, etc SIPROTEC 5 6MU85 (CP300) Hardware solutions / Routers & switches, VoIP, GSM, etc SIPROTEC 5 7KE85 (CP300) Hardware solutions / Routers & switches, VoIP, GSM, etc SIPROTEC 5 7SA86 (CP300) Hardware solutions / Routers & switches, VoIP, GSM, etc SIPROTEC 5 7SA87 (CP300) Hardware solutions / Routers & switches, VoIP, GSM, etc SIPROTEC 5 7SD86 (CP300) Hardware solutions / Routers & switches, VoIP, GSM, etc SIPROTEC 5 7SD87 (CP300) Hardware solutions / Routers & switches, VoIP, GSM, etc SIPROTEC 5 7SJ85 (CP300) Hardware solutions / Routers & switches, VoIP, GSM, etc SIPROTEC 5 7SJ86 (CP300) Hardware solutions / Routers & switches, VoIP, GSM, etc SIPROTEC 5 7SK85 (CP300) Hardware solutions / Routers & switches, VoIP, GSM, etc SIPROTEC 5 7SL86 (CP300) Hardware solutions / Routers & switches, VoIP, GSM, etc SIPROTEC 5 7SL87 (CP300) Hardware solutions / Routers & switches, VoIP, GSM, etc SIPROTEC 5 7SS85 (CP300) Hardware solutions / Routers & switches, VoIP, GSM, etc SIPROTEC 5 7ST85 (CP300) Hardware solutions / Routers & switches, VoIP, GSM, etc SIPROTEC 5 7ST86 (CP300) Hardware solutions / Routers & switches, VoIP, GSM, etc SIPROTEC 5 7SX85 (CP300) Hardware solutions / Routers & switches, VoIP, GSM, etc SIPROTEC 5 7UM85 (CP300) Hardware solutions / Routers & switches, VoIP, GSM, etc SIPROTEC 5 7UT85 (CP300) Hardware solutions / Routers & switches, VoIP, GSM, etc SIPROTEC 5 7UT86 (CP300) Hardware solutions / Routers & switches, VoIP, GSM, etc SIPROTEC 5 7UT87 (CP300) Hardware solutions / Routers & switches, VoIP, GSM, etc SIPROTEC 5 7VE85 (CP300) Hardware solutions / Routers & switches, VoIP, GSM, etc SIPROTEC 5 7VK87 (CP300) Hardware solutions / Routers & switches, VoIP, GSM, etc SIPROTEC 5 6MD84 (CP300) Hardware solutions / Security hardware applicances |
| Vendor | Siemens |
Security Bulletin
This security bulletin contains one medium risk vulnerability.
1) Inadequate Encryption Strength
EUVDB-ID: #VU94330
Risk: Medium
CVSSv3.1: 5.2 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-38867
CWE-ID:
CWE-326 - Inadequate Encryption Strength
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to the affected devices are supporting weak ciphers on several ports. A remote attacker can perform a man-in-the-middle (MitM) attack gain unauthorized access to sensitive information on the system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsSIPROTEC 5 7SA82 (CP100): All versions
SIPROTEC 5 7SD82 (CP100): All versions
SIPROTEC 5 7SL82 (CP100): All versions
SIPROTEC 5 7UT82 (CP100): All versions
SIPROTEC 5 6MD85 (CP200): All versions
SIPROTEC 5 6MD86 (CP200): All versions
SIPROTEC 5 7KE85 (CP200): All versions
SIPROTEC 5 7SA84 (CP200): All versions
SIPROTEC 5 7SA86 (CP200): All versions
SIPROTEC 5 7SA87 (CP200): All versions
SIPROTEC 5 7SD84 (CP200): All versions
SIPROTEC 5 7SD86 (CP200): All versions
SIPROTEC 5 7SD87 (CP200): All versions
SIPROTEC 5 7SJ85 (CP200): All versions
SIPROTEC 5 7SJ86 (CP200): All versions
SIPROTEC 5 7SK85 (CP200): All versions
SIPROTEC 5 7SL86 (CP200): All versions
SIPROTEC 5 7SL87 (CP200): All versions
SIPROTEC 5 7SS85 (CP200): All versions
SIPROTEC 5 7ST85 (CP200): All versions
SIPROTEC 5 7UT85 (CP200): All versions
SIPROTEC 5 7UT86 (CP200): All versions
SIPROTEC 5 7UT87 (CP200): All versions
SIPROTEC 5 7VK87 (CP200): All versions
SIPROTEC 5 Communication Module ETH-BA-2EL: before 8.89
SIPROTEC 5 Communication Module ETH-BB-2FO: before 8.89
SIPROTEC 5 Communication Module ETH-BD-2FO: before 9.62
SIPROTEC 5 Compact 7SX800 (CP050): before 9.64
SIPROTEC 5 7SJ81 (CP100): before 8.89
SIPROTEC 5 7SJ82 (CP100): before 8.89
SIPROTEC 5 7SK82 (CP100): before 8.89
SIPROTEC 5 7SA82 (CP150): before 9.65
SIPROTEC 5 7SD82 (CP150): before 9.65
SIPROTEC 5 7SJ81 (CP150): before 9.65
SIPROTEC 5 7SJ82 (CP150): before 9.65
SIPROTEC 5 7SK82 (CP150): before 9.65
SIPROTEC 5 7SL82 (CP150): before 9.65
SIPROTEC 5 7SX82 (CP150): before 9.65
SIPROTEC 5 6MD84 (CP300): before 9.64
SIPROTEC 5 6MD85 (CP300): before 9.64
SIPROTEC 5 6MD86 (CP300): before 9.64
SIPROTEC 5 6MD89 (CP300): before 9.64
SIPROTEC 5 6MU85 (CP300): before 9.64
SIPROTEC 5 7KE85 (CP300): before 9.64
SIPROTEC 5 7SA86 (CP300): before 9.65
SIPROTEC 5 7SA87 (CP300): before 9.65
SIPROTEC 5 7SD86 (CP300): before 9.65
SIPROTEC 5 7SD87 (CP300): before 9.65
SIPROTEC 5 7SJ85 (CP300): before 9.65
SIPROTEC 5 7SJ86 (CP300): before 9.65
SIPROTEC 5 7SK85 (CP300): before 9.65
SIPROTEC 5 7SL86 (CP300): before 9.65
SIPROTEC 5 7SL87 (CP300): before 9.65
SIPROTEC 5 7SS85 (CP300): before 9.64
SIPROTEC 5 7ST85 (CP300): before 9.64
SIPROTEC 5 7ST86 (CP300): before 9.64
SIPROTEC 5 7SX85 (CP300): before 9.65
SIPROTEC 5 7UM85 (CP300): before 9.64
SIPROTEC 5 7UT85 (CP300): before 9.65
SIPROTEC 5 7UT86 (CP300): before 9.65
SIPROTEC 5 7UT87 (CP300): before 9.65
SIPROTEC 5 7VE85 (CP300): before 9.64
SIPROTEC 5 7VK87 (CP300): before 9.65
SIPROTEC 5 7VU85 (CP300): before 9.64
CPE2.3- cpe:2.3:h:siemens:siprotec_5_7sa82_cp100:*:*:*:*:*:*:*:
- cpe:2.3:h:siemens:siprotec_5_7sd82_cp100:*:*:*:*:*:*:*:
- cpe:2.3:h:siemens:siprotec_5_7sl82_cp100:*:*:*:*:*:*:*:
- cpe:2.3:h:siemens:siprotec_5_7ut82_cp100:*:*:*:*:*:*:*:
- cpe:2.3:h:siemens:siprotec_5_6md85_cp200:*:*:*:*:*:*:*:
- cpe:2.3:h:siemens:siprotec_5_6md86_cp200:*:*:*:*:*:*:*:
- cpe:2.3:h:siemens:siprotec_5_7ke85_cp200:*:*:*:*:*:*:*:
- cpe:2.3:h:siemens:siprotec_5_7sa84_cp200:*:*:*:*:*:*:*:
- cpe:2.3:h:siemens:siprotec_5_7sa86_cp200:*:*:*:*:*:*:*:
- cpe:2.3:h:siemens:siprotec_5_7sa87_cp200:*:*:*:*:*:*:*:
- cpe:2.3:h:siemens:siprotec_5_7sd84_cp200:*:*:*:*:*:*:*:
- cpe:2.3:h:siemens:siprotec_5_7sd86_cp200:*:*:*:*:*:*:*:
- cpe:2.3:h:siemens:siprotec_5_7sd87_cp200:*:*:*:*:*:*:*:
- cpe:2.3:h:siemens:siprotec_5_7sj85_cp200:*:*:*:*:*:*:*:
- cpe:2.3:h:siemens:siprotec_5_7sj86_cp200:*:*:*:*:*:*:*:
- cpe:2.3:h:siemens:siprotec_5_7sk85_cp200:*:*:*:*:*:*:*:
- cpe:2.3:h:siemens:siprotec_5_7sl86_cp200:*:*:*:*:*:*:*:
- cpe:2.3:h:siemens:siprotec_5_7sl87_cp200:*:*:*:*:*:*:*:
- cpe:2.3:h:siemens:siprotec_5_7ss85_cp200:*:*:*:*:*:*:*:
- cpe:2.3:h:siemens:siprotec_5_7st85_cp200:*:*:*:*:*:*:*:
- cpe:2.3:h:siemens:siprotec_5_7ut85_cp200:*:*:*:*:*:*:*:
- cpe:2.3:h:siemens:siprotec_5_7ut86_cp200:*:*:*:*:*:*:*:
- cpe:2.3:h:siemens:siprotec_5_7ut87_cp200:*:*:*:*:*:*:*:
- cpe:2.3:h:siemens:siprotec_5_7vk87_cp200:*:*:*:*:*:*:*:
- cpe:2.3:h:siemens:siprotec_5_communication_module_eth-ba-2el:*:*:*:*:*:*:*:
- cpe:2.3:h:siemens:siprotec_5_communication_module_eth-bb-2fo:*:*:*:*:*:*:*:
- cpe:2.3:h:siemens:siprotec_5_communication_module_eth-bd-2fo:*:*:*:*:*:*:*:
- cpe:2.3:h:siemens:siprotec_5_compact_7sx800_cp050:*:*:*:*:*:*:*:
- cpe:2.3:h:siemens:siprotec_5_7sj81_cp100:*:*:*:*:*:*:*:
- cpe:2.3:h:siemens:siprotec_5_7sj82_cp100:*:*:*:*:*:*:*:
- cpe:2.3:h:siemens:siprotec_5_7sk82_cp100:*:*:*:*:*:*:*:
- cpe:2.3:h:siemens:siprotec_5_7sa82_cp150:*:*:*:*:*:*:*:
- cpe:2.3:h:siemens:siprotec_5_7sd82_cp150:*:*:*:*:*:*:*:
- cpe:2.3:h:siemens:siprotec_5_7sj81_cp150:*:*:*:*:*:*:*:
- cpe:2.3:h:siemens:siprotec_5_7sj82_cp150:*:*:*:*:*:*:*:
- cpe:2.3:h:siemens:siprotec_5_7sk82_cp150:*:*:*:*:*:*:*:
- cpe:2.3:h:siemens:siprotec_5_7sl82_cp150:*:*:*:*:*:*:*:
- cpe:2.3:h:siemens:siprotec_5_7sx82_cp150:*:*:*:*:*:*:*:
- cpe:2.3:h:siemens:siprotec_5_6md84_cp300:*:*:*:*:*:*:*:
- cpe:2.3:h:siemens:siprotec_5_6md85_cp300:*:*:*:*:*:*:*:
- cpe:2.3:h:siemens:siprotec_5_6md86_cp300:*:*:*:*:*:*:*:
- cpe:2.3:h:siemens:siprotec_5_6md89_cp300:*:*:*:*:*:*:*:
- cpe:2.3:h:siemens:siprotec_5_6mu85_cp300:*:*:*:*:*:*:*:
- cpe:2.3:h:siemens:siprotec_5_7ke85_cp300:*:*:*:*:*:*:*:
- cpe:2.3:h:siemens:siprotec_5_7sa86_cp300:*:*:*:*:*:*:*:
- cpe:2.3:h:siemens:siprotec_5_7sa87_cp300:*:*:*:*:*:*:*:
- cpe:2.3:h:siemens:siprotec_5_7sd86_cp300:*:*:*:*:*:*:*:
- cpe:2.3:h:siemens:siprotec_5_7sd87_cp300:*:*:*:*:*:*:*:
- cpe:2.3:h:siemens:siprotec_5_7sj85_cp300:*:*:*:*:*:*:*:
- cpe:2.3:h:siemens:siprotec_5_7sj86_cp300:*:*:*:*:*:*:*:
- cpe:2.3:h:siemens:siprotec_5_7sk85_cp300:*:*:*:*:*:*:*:
- cpe:2.3:h:siemens:siprotec_5_7sl86_cp300:*:*:*:*:*:*:*:
- cpe:2.3:h:siemens:siprotec_5_7sl87_cp300:*:*:*:*:*:*:*:
- cpe:2.3:h:siemens:siprotec_5_7ss85_cp300:*:*:*:*:*:*:*:
- cpe:2.3:h:siemens:siprotec_5_7st85_cp300:*:*:*:*:*:*:*:
- cpe:2.3:h:siemens:siprotec_5_7st86_cp300:*:*:*:*:*:*:*:
- cpe:2.3:h:siemens:siprotec_5_7sx85_cp300:*:*:*:*:*:*:*:
- cpe:2.3:h:siemens:siprotec_5_7um85_cp300:*:*:*:*:*:*:*:
- cpe:2.3:h:siemens:siprotec_5_7ut85_cp300:*:*:*:*:*:*:*:
- cpe:2.3:h:siemens:siprotec_5_7ut86_cp300:*:*:*:*:*:*:*:
- cpe:2.3:h:siemens:siprotec_5_7ut87_cp300:*:*:*:*:*:*:*:
- cpe:2.3:h:siemens:siprotec_5_7ve85_cp300:*:*:*:*:*:*:*:
- cpe:2.3:h:siemens:siprotec_5_7vk87_cp300:*:*:*:*:*:*:*:
- cpe:2.3:h:siemens:siprotec_5_7vu85_cp300:*:*:*:*:*:*:*:
http://cert-portal.siemens.com/productcert/html/ssa-750499.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
