Vulnerability Description
A vulnerability has been identified in SIPROTEC 5 6MD85 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 6MD86 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 6MD89 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 6MU85 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7KE85 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7SA82 devices (CPU variant CP100) (All versions < V8.83), SIPROTEC 5 7SA86 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7SA87 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7SD82 devices (CPU variant CP100) (All versions < V8.83), SIPROTEC 5 7SD86 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7SD87 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7SJ81 devices (CPU variant CP100) (All versions < V8.83), SIPROTEC 5 7SJ82 devices (CPU variant CP100) (All versions < V8.83), SIPROTEC 5 7SJ85 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7SJ86 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7SK82 devices (CPU variant CP100) (All versions < V8.83), SIPROTEC 5 7SK85 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7SL82 devices (CPU variant CP100) (All versions < V8.83), SIPROTEC 5 7SL86 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7SL87 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7SS85 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7ST85 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7SX85 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7UM85 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7UT82 devices (CPU variant CP100) (All versions < V8.83), SIPROTEC 5 7UT85 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7UT86 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7UT87 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7VE85 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7VK87 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 Compact 7SX800 devices (CPU variant CP050) (All versions < V8.83). An improper input validation vulnerability in the web server could allow an unauthenticated user to access device information.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Siemens | 6Md85 Firmware | < 8.83 |
| Siemens | 6Md85 | - |
| Siemens | 6Md86 Firmware | < 8.83 |
| Siemens | 6Md86 | - |
| Siemens | 6Md89 Firmware | < 8.83 |
| Siemens | 6Md89 | - |
| Siemens | 6Mu85 Firmware | < 8.83 |
| Siemens | 6Mu85 | - |
| Siemens | 7Ke85 Firmware | < 8.83 |
| Siemens | 7Ke85 | - |
| Siemens | 7Sa82 Firmware | < 8.83 |
| Siemens | 7Sa82 | - |
| Siemens | 7Sa86 Firmware | < 8.83 |
| Siemens | 7Sa86 | - |
| Siemens | 7Sa87 Firmware | < 8.83 |
| Siemens | 7Sa87 | - |
| Siemens | 7Sd82 Firmware | < 8.83 |
| Siemens | 7Sd82 | - |
| Siemens | 7Sd86 Firmware | < 8.83 |
| Siemens | 7Sd86 | - |
Related Weaknesses (CWE)
References
- https://cert-portal.siemens.com/productcert/pdf/ssa-439673.pdfVendor Advisory
- https://cert-portal.siemens.com/productcert/pdf/ssa-439673.pdfVendor Advisory
FAQ
What is CVE-2021-41769?
CVE-2021-41769 is a vulnerability with a CVSS score of 7.5 (HIGH). A vulnerability has been identified in SIPROTEC 5 6MD85 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 6MD86 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 6MD89 device...
How severe is CVE-2021-41769?
CVE-2021-41769 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2021-41769?
Check the references section above for vendor advisories and patch information. Affected products include: Siemens 6Md85 Firmware, Siemens 6Md85, Siemens 6Md86 Firmware, Siemens 6Md86, Siemens 6Md89 Firmware.