Search

Find a vulnerability

Search criteria

    6 vulnerabilities found for siprotec_firmware by siemens

    CVE-2016-4785 (GCVE-0-2016-4785)

    Vulnerability from nvd – Published: 2016-05-31 01:00 – Updated: 2024-09-16 19:45
    VLAI
    Summary
    A vulnerability has been identified in Firmware variant PROFINET IO for EN100 Ethernet module : All versions < V1.04.01; Firmware variant Modbus TCP for EN100 Ethernet module : All versions < V1.11.00; Firmware variant DNP3 TCP for EN100 Ethernet module : All versions < V1.03; Firmware variant IEC 104 for EN100 Ethernet module : All versions < V1.21; EN100 Ethernet module included in SIPROTEC Merging Unit 6MU80 : All versions < 1.02.02. The integrated web server (port 80/tcp) of the affected devices could allow remote attackers to obtain a limited amount of device memory content if network access was obtained. This vulnerability only affects EN100 Ethernet module included in SIPROTEC4 and SIPROTEC Compact devices.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Date Public
    2017-07-04 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T00:39:26.309Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-547990.pdf"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-140-02"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_SSA-323211.pdf"
              },
              {
                "name": "90773",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/90773"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-187-03"
              },
              {
                "name": "99471",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/99471"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2017-07-04T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability has been identified in Firmware variant PROFINET IO for EN100 Ethernet module : All versions \u003c V1.04.01; Firmware variant Modbus TCP for EN100 Ethernet module : All versions \u003c V1.11.00; Firmware variant DNP3 TCP for EN100 Ethernet module : All versions \u003c V1.03; Firmware variant IEC 104 for EN100 Ethernet module : All versions \u003c V1.21; EN100 Ethernet module included in SIPROTEC Merging Unit 6MU80 : All versions \u003c 1.02.02. The integrated web server (port 80/tcp) of the affected devices could allow remote attackers to obtain a limited amount of device memory content if network access was obtained. This vulnerability only affects EN100 Ethernet module included in SIPROTEC4 and SIPROTEC Compact devices."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-03-22T17:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-547990.pdf"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-140-02"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_SSA-323211.pdf"
            },
            {
              "name": "90773",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/90773"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-187-03"
            },
            {
              "name": "99471",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/99471"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "DATE_PUBLIC": "2017-07-04T00:00:00",
              "ID": "CVE-2016-4785",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A vulnerability has been identified in Firmware variant PROFINET IO for EN100 Ethernet module : All versions \u003c V1.04.01; Firmware variant Modbus TCP for EN100 Ethernet module : All versions \u003c V1.11.00; Firmware variant DNP3 TCP for EN100 Ethernet module : All versions \u003c V1.03; Firmware variant IEC 104 for EN100 Ethernet module : All versions \u003c V1.21; EN100 Ethernet module included in SIPROTEC Merging Unit 6MU80 : All versions \u003c 1.02.02. The integrated web server (port 80/tcp) of the affected devices could allow remote attackers to obtain a limited amount of device memory content if network access was obtained. This vulnerability only affects EN100 Ethernet module included in SIPROTEC4 and SIPROTEC Compact devices."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-547990.pdf",
                  "refsource": "CONFIRM",
                  "url": "http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-547990.pdf"
                },
                {
                  "name": "https://ics-cert.us-cert.gov/advisories/ICSA-16-140-02",
                  "refsource": "MISC",
                  "url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-140-02"
                },
                {
                  "name": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_SSA-323211.pdf",
                  "refsource": "CONFIRM",
                  "url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_SSA-323211.pdf"
                },
                {
                  "name": "90773",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/90773"
                },
                {
                  "name": "https://ics-cert.us-cert.gov/advisories/ICSA-17-187-03",
                  "refsource": "MISC",
                  "url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-187-03"
                },
                {
                  "name": "99471",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/99471"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2016-4785",
        "datePublished": "2016-05-31T01:00:00.000Z",
        "dateReserved": "2016-05-11T00:00:00.000Z",
        "dateUpdated": "2024-09-16T19:45:44.153Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2016-4784 (GCVE-0-2016-4784)

    Vulnerability from nvd – Published: 2016-05-31 01:00 – Updated: 2024-09-17 03:59
    VLAI
    Summary
    A vulnerability has been identified in firmware variant PROFINET IO for EN100 Ethernet module : All versions < V1.04.01; Firmware variant Modbus TCP for EN100 Ethernet module : All versions < V1.11.00; Firmware variant DNP3 TCP for EN100 Ethernet module : All versions < V1.03; Firmware variant IEC 104 for EN100 Ethernet module : All versions < V1.21; EN100 Ethernet module included in SIPROTEC Merging Unit 6MU80 : All versions < 1.02.02; SIPROTEC 7SJ686 : All versions < V 4.83; SIPROTEC 7UT686 : All versions < V 4.01; SIPROTEC 7SD686 : All versions < V 4.03; SIPROTEC 7SJ66 : All versions < V 4.20. The integrated web server (port 80/tcp) of the affected devices could allow remote attackers to obtain sensitive device information if network access was obtained.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Date Public
    2017-07-04 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T00:39:26.113Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-547990.pdf"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-140-02"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_SSA-323211.pdf"
              },
              {
                "name": "90773",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/90773"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-187-03"
              },
              {
                "name": "99471",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/99471"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2017-07-04T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability has been identified in firmware variant PROFINET IO for EN100 Ethernet module : All versions \u003c V1.04.01; Firmware variant Modbus TCP for EN100 Ethernet module : All versions \u003c V1.11.00; Firmware variant DNP3 TCP for EN100 Ethernet module : All versions \u003c V1.03; Firmware variant IEC 104 for EN100 Ethernet module : All versions \u003c V1.21; EN100 Ethernet module included in SIPROTEC Merging Unit 6MU80 : All versions \u003c 1.02.02; SIPROTEC 7SJ686 : All versions \u003c V 4.83; SIPROTEC 7UT686 : All versions \u003c V 4.01; SIPROTEC 7SD686 : All versions \u003c V 4.03; SIPROTEC 7SJ66 : All versions \u003c V 4.20. The integrated web server (port 80/tcp) of the affected devices could allow remote attackers to obtain sensitive device information if network access was obtained."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-03-22T16:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-547990.pdf"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-140-02"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_SSA-323211.pdf"
            },
            {
              "name": "90773",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/90773"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-187-03"
            },
            {
              "name": "99471",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/99471"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "DATE_PUBLIC": "2017-07-04T00:00:00",
              "ID": "CVE-2016-4784",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A vulnerability has been identified in firmware variant PROFINET IO for EN100 Ethernet module : All versions \u003c V1.04.01; Firmware variant Modbus TCP for EN100 Ethernet module : All versions \u003c V1.11.00; Firmware variant DNP3 TCP for EN100 Ethernet module : All versions \u003c V1.03; Firmware variant IEC 104 for EN100 Ethernet module : All versions \u003c V1.21; EN100 Ethernet module included in SIPROTEC Merging Unit 6MU80 : All versions \u003c 1.02.02; SIPROTEC 7SJ686 : All versions \u003c V 4.83; SIPROTEC 7UT686 : All versions \u003c V 4.01; SIPROTEC 7SD686 : All versions \u003c V 4.03; SIPROTEC 7SJ66 : All versions \u003c V 4.20. The integrated web server (port 80/tcp) of the affected devices could allow remote attackers to obtain sensitive device information if network access was obtained."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-547990.pdf",
                  "refsource": "CONFIRM",
                  "url": "http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-547990.pdf"
                },
                {
                  "name": "https://ics-cert.us-cert.gov/advisories/ICSA-16-140-02",
                  "refsource": "MISC",
                  "url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-140-02"
                },
                {
                  "name": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_SSA-323211.pdf",
                  "refsource": "CONFIRM",
                  "url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_SSA-323211.pdf"
                },
                {
                  "name": "90773",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/90773"
                },
                {
                  "name": "https://ics-cert.us-cert.gov/advisories/ICSA-17-187-03",
                  "refsource": "MISC",
                  "url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-187-03"
                },
                {
                  "name": "99471",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/99471"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2016-4784",
        "datePublished": "2016-05-31T01:00:00.000Z",
        "dateReserved": "2016-05-11T00:00:00.000Z",
        "dateUpdated": "2024-09-17T03:59:26.394Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2015-5374 (GCVE-0-2015-5374)

    Vulnerability from nvd – Published: 2015-07-18 10:00 – Updated: 2024-09-17 02:15
    VLAI
    Summary
    A vulnerability has been identified in Firmware variant PROFINET IO for EN100 Ethernet module : All versions < V1.04.01; Firmware variant Modbus TCP for EN100 Ethernet module : All versions < V1.11.00; Firmware variant DNP3 TCP for EN100 Ethernet module : All versions < V1.03; Firmware variant IEC 104 for EN100 Ethernet module : All versions < V1.21; EN100 Ethernet module included in SIPROTEC Merging Unit 6MU80 : All versions < 1.02.02. Specially crafted packets sent to port 50000/UDP could cause a denial-of-service of the affected device. A manual reboot may be required to recover the service of the device.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Date Public
    2017-07-04 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T06:41:09.550Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_SSA-323211.pdf"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-732541.pdf"
              },
              {
                "name": "44103",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/44103/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-202-01"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-187-03"
              },
              {
                "name": "75948",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/75948"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2017-07-04T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability has been identified in Firmware variant PROFINET IO for EN100 Ethernet module : All versions \u003c V1.04.01; Firmware variant Modbus TCP for EN100 Ethernet module : All versions \u003c V1.11.00; Firmware variant DNP3 TCP for EN100 Ethernet module : All versions \u003c V1.03; Firmware variant IEC 104 for EN100 Ethernet module : All versions \u003c V1.21; EN100 Ethernet module included in SIPROTEC Merging Unit 6MU80 : All versions \u003c 1.02.02. Specially crafted packets sent to port 50000/UDP could cause a denial-of-service of the affected device. A manual reboot may be required to recover the service of the device."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-03-22T16:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_SSA-323211.pdf"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-732541.pdf"
            },
            {
              "name": "44103",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/44103/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-202-01"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-187-03"
            },
            {
              "name": "75948",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/75948"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "DATE_PUBLIC": "2017-07-04T00:00:00",
              "ID": "CVE-2015-5374",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A vulnerability has been identified in Firmware variant PROFINET IO for EN100 Ethernet module : All versions \u003c V1.04.01; Firmware variant Modbus TCP for EN100 Ethernet module : All versions \u003c V1.11.00; Firmware variant DNP3 TCP for EN100 Ethernet module : All versions \u003c V1.03; Firmware variant IEC 104 for EN100 Ethernet module : All versions \u003c V1.21; EN100 Ethernet module included in SIPROTEC Merging Unit 6MU80 : All versions \u003c 1.02.02. Specially crafted packets sent to port 50000/UDP could cause a denial-of-service of the affected device. A manual reboot may be required to recover the service of the device."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_SSA-323211.pdf",
                  "refsource": "CONFIRM",
                  "url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_SSA-323211.pdf"
                },
                {
                  "name": "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-732541.pdf",
                  "refsource": "CONFIRM",
                  "url": "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-732541.pdf"
                },
                {
                  "name": "44103",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/44103/"
                },
                {
                  "name": "https://ics-cert.us-cert.gov/advisories/ICSA-15-202-01",
                  "refsource": "MISC",
                  "url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-202-01"
                },
                {
                  "name": "https://ics-cert.us-cert.gov/advisories/ICSA-17-187-03",
                  "refsource": "MISC",
                  "url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-187-03"
                },
                {
                  "name": "75948",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/75948"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2015-5374",
        "datePublished": "2015-07-18T10:00:00.000Z",
        "dateReserved": "2015-07-06T00:00:00.000Z",
        "dateUpdated": "2024-09-17T02:15:53.925Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2016-4785 (GCVE-0-2016-4785)

    Vulnerability from cvelistv5 – Published: 2016-05-31 01:00 – Updated: 2024-09-16 19:45
    VLAI
    Summary
    A vulnerability has been identified in Firmware variant PROFINET IO for EN100 Ethernet module : All versions < V1.04.01; Firmware variant Modbus TCP for EN100 Ethernet module : All versions < V1.11.00; Firmware variant DNP3 TCP for EN100 Ethernet module : All versions < V1.03; Firmware variant IEC 104 for EN100 Ethernet module : All versions < V1.21; EN100 Ethernet module included in SIPROTEC Merging Unit 6MU80 : All versions < 1.02.02. The integrated web server (port 80/tcp) of the affected devices could allow remote attackers to obtain a limited amount of device memory content if network access was obtained. This vulnerability only affects EN100 Ethernet module included in SIPROTEC4 and SIPROTEC Compact devices.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Date Public
    2017-07-04 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T00:39:26.309Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-547990.pdf"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-140-02"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_SSA-323211.pdf"
              },
              {
                "name": "90773",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/90773"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-187-03"
              },
              {
                "name": "99471",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/99471"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2017-07-04T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability has been identified in Firmware variant PROFINET IO for EN100 Ethernet module : All versions \u003c V1.04.01; Firmware variant Modbus TCP for EN100 Ethernet module : All versions \u003c V1.11.00; Firmware variant DNP3 TCP for EN100 Ethernet module : All versions \u003c V1.03; Firmware variant IEC 104 for EN100 Ethernet module : All versions \u003c V1.21; EN100 Ethernet module included in SIPROTEC Merging Unit 6MU80 : All versions \u003c 1.02.02. The integrated web server (port 80/tcp) of the affected devices could allow remote attackers to obtain a limited amount of device memory content if network access was obtained. This vulnerability only affects EN100 Ethernet module included in SIPROTEC4 and SIPROTEC Compact devices."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-03-22T17:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-547990.pdf"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-140-02"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_SSA-323211.pdf"
            },
            {
              "name": "90773",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/90773"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-187-03"
            },
            {
              "name": "99471",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/99471"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "DATE_PUBLIC": "2017-07-04T00:00:00",
              "ID": "CVE-2016-4785",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A vulnerability has been identified in Firmware variant PROFINET IO for EN100 Ethernet module : All versions \u003c V1.04.01; Firmware variant Modbus TCP for EN100 Ethernet module : All versions \u003c V1.11.00; Firmware variant DNP3 TCP for EN100 Ethernet module : All versions \u003c V1.03; Firmware variant IEC 104 for EN100 Ethernet module : All versions \u003c V1.21; EN100 Ethernet module included in SIPROTEC Merging Unit 6MU80 : All versions \u003c 1.02.02. The integrated web server (port 80/tcp) of the affected devices could allow remote attackers to obtain a limited amount of device memory content if network access was obtained. This vulnerability only affects EN100 Ethernet module included in SIPROTEC4 and SIPROTEC Compact devices."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-547990.pdf",
                  "refsource": "CONFIRM",
                  "url": "http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-547990.pdf"
                },
                {
                  "name": "https://ics-cert.us-cert.gov/advisories/ICSA-16-140-02",
                  "refsource": "MISC",
                  "url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-140-02"
                },
                {
                  "name": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_SSA-323211.pdf",
                  "refsource": "CONFIRM",
                  "url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_SSA-323211.pdf"
                },
                {
                  "name": "90773",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/90773"
                },
                {
                  "name": "https://ics-cert.us-cert.gov/advisories/ICSA-17-187-03",
                  "refsource": "MISC",
                  "url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-187-03"
                },
                {
                  "name": "99471",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/99471"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2016-4785",
        "datePublished": "2016-05-31T01:00:00.000Z",
        "dateReserved": "2016-05-11T00:00:00.000Z",
        "dateUpdated": "2024-09-16T19:45:44.153Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2016-4784 (GCVE-0-2016-4784)

    Vulnerability from cvelistv5 – Published: 2016-05-31 01:00 – Updated: 2024-09-17 03:59
    VLAI
    Summary
    A vulnerability has been identified in firmware variant PROFINET IO for EN100 Ethernet module : All versions < V1.04.01; Firmware variant Modbus TCP for EN100 Ethernet module : All versions < V1.11.00; Firmware variant DNP3 TCP for EN100 Ethernet module : All versions < V1.03; Firmware variant IEC 104 for EN100 Ethernet module : All versions < V1.21; EN100 Ethernet module included in SIPROTEC Merging Unit 6MU80 : All versions < 1.02.02; SIPROTEC 7SJ686 : All versions < V 4.83; SIPROTEC 7UT686 : All versions < V 4.01; SIPROTEC 7SD686 : All versions < V 4.03; SIPROTEC 7SJ66 : All versions < V 4.20. The integrated web server (port 80/tcp) of the affected devices could allow remote attackers to obtain sensitive device information if network access was obtained.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Date Public
    2017-07-04 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T00:39:26.113Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-547990.pdf"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-140-02"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_SSA-323211.pdf"
              },
              {
                "name": "90773",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/90773"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-187-03"
              },
              {
                "name": "99471",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/99471"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2017-07-04T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability has been identified in firmware variant PROFINET IO for EN100 Ethernet module : All versions \u003c V1.04.01; Firmware variant Modbus TCP for EN100 Ethernet module : All versions \u003c V1.11.00; Firmware variant DNP3 TCP for EN100 Ethernet module : All versions \u003c V1.03; Firmware variant IEC 104 for EN100 Ethernet module : All versions \u003c V1.21; EN100 Ethernet module included in SIPROTEC Merging Unit 6MU80 : All versions \u003c 1.02.02; SIPROTEC 7SJ686 : All versions \u003c V 4.83; SIPROTEC 7UT686 : All versions \u003c V 4.01; SIPROTEC 7SD686 : All versions \u003c V 4.03; SIPROTEC 7SJ66 : All versions \u003c V 4.20. The integrated web server (port 80/tcp) of the affected devices could allow remote attackers to obtain sensitive device information if network access was obtained."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-03-22T16:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-547990.pdf"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-140-02"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_SSA-323211.pdf"
            },
            {
              "name": "90773",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/90773"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-187-03"
            },
            {
              "name": "99471",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/99471"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "DATE_PUBLIC": "2017-07-04T00:00:00",
              "ID": "CVE-2016-4784",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A vulnerability has been identified in firmware variant PROFINET IO for EN100 Ethernet module : All versions \u003c V1.04.01; Firmware variant Modbus TCP for EN100 Ethernet module : All versions \u003c V1.11.00; Firmware variant DNP3 TCP for EN100 Ethernet module : All versions \u003c V1.03; Firmware variant IEC 104 for EN100 Ethernet module : All versions \u003c V1.21; EN100 Ethernet module included in SIPROTEC Merging Unit 6MU80 : All versions \u003c 1.02.02; SIPROTEC 7SJ686 : All versions \u003c V 4.83; SIPROTEC 7UT686 : All versions \u003c V 4.01; SIPROTEC 7SD686 : All versions \u003c V 4.03; SIPROTEC 7SJ66 : All versions \u003c V 4.20. The integrated web server (port 80/tcp) of the affected devices could allow remote attackers to obtain sensitive device information if network access was obtained."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-547990.pdf",
                  "refsource": "CONFIRM",
                  "url": "http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-547990.pdf"
                },
                {
                  "name": "https://ics-cert.us-cert.gov/advisories/ICSA-16-140-02",
                  "refsource": "MISC",
                  "url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-140-02"
                },
                {
                  "name": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_SSA-323211.pdf",
                  "refsource": "CONFIRM",
                  "url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_SSA-323211.pdf"
                },
                {
                  "name": "90773",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/90773"
                },
                {
                  "name": "https://ics-cert.us-cert.gov/advisories/ICSA-17-187-03",
                  "refsource": "MISC",
                  "url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-187-03"
                },
                {
                  "name": "99471",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/99471"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2016-4784",
        "datePublished": "2016-05-31T01:00:00.000Z",
        "dateReserved": "2016-05-11T00:00:00.000Z",
        "dateUpdated": "2024-09-17T03:59:26.394Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2015-5374 (GCVE-0-2015-5374)

    Vulnerability from cvelistv5 – Published: 2015-07-18 10:00 – Updated: 2024-09-17 02:15
    VLAI
    Summary
    A vulnerability has been identified in Firmware variant PROFINET IO for EN100 Ethernet module : All versions < V1.04.01; Firmware variant Modbus TCP for EN100 Ethernet module : All versions < V1.11.00; Firmware variant DNP3 TCP for EN100 Ethernet module : All versions < V1.03; Firmware variant IEC 104 for EN100 Ethernet module : All versions < V1.21; EN100 Ethernet module included in SIPROTEC Merging Unit 6MU80 : All versions < 1.02.02. Specially crafted packets sent to port 50000/UDP could cause a denial-of-service of the affected device. A manual reboot may be required to recover the service of the device.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Date Public
    2017-07-04 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T06:41:09.550Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_SSA-323211.pdf"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-732541.pdf"
              },
              {
                "name": "44103",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/44103/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-202-01"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-187-03"
              },
              {
                "name": "75948",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/75948"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2017-07-04T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability has been identified in Firmware variant PROFINET IO for EN100 Ethernet module : All versions \u003c V1.04.01; Firmware variant Modbus TCP for EN100 Ethernet module : All versions \u003c V1.11.00; Firmware variant DNP3 TCP for EN100 Ethernet module : All versions \u003c V1.03; Firmware variant IEC 104 for EN100 Ethernet module : All versions \u003c V1.21; EN100 Ethernet module included in SIPROTEC Merging Unit 6MU80 : All versions \u003c 1.02.02. Specially crafted packets sent to port 50000/UDP could cause a denial-of-service of the affected device. A manual reboot may be required to recover the service of the device."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-03-22T16:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_SSA-323211.pdf"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-732541.pdf"
            },
            {
              "name": "44103",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/44103/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-202-01"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-187-03"
            },
            {
              "name": "75948",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/75948"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "DATE_PUBLIC": "2017-07-04T00:00:00",
              "ID": "CVE-2015-5374",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A vulnerability has been identified in Firmware variant PROFINET IO for EN100 Ethernet module : All versions \u003c V1.04.01; Firmware variant Modbus TCP for EN100 Ethernet module : All versions \u003c V1.11.00; Firmware variant DNP3 TCP for EN100 Ethernet module : All versions \u003c V1.03; Firmware variant IEC 104 for EN100 Ethernet module : All versions \u003c V1.21; EN100 Ethernet module included in SIPROTEC Merging Unit 6MU80 : All versions \u003c 1.02.02. Specially crafted packets sent to port 50000/UDP could cause a denial-of-service of the affected device. A manual reboot may be required to recover the service of the device."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_SSA-323211.pdf",
                  "refsource": "CONFIRM",
                  "url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_SSA-323211.pdf"
                },
                {
                  "name": "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-732541.pdf",
                  "refsource": "CONFIRM",
                  "url": "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-732541.pdf"
                },
                {
                  "name": "44103",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/44103/"
                },
                {
                  "name": "https://ics-cert.us-cert.gov/advisories/ICSA-15-202-01",
                  "refsource": "MISC",
                  "url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-202-01"
                },
                {
                  "name": "https://ics-cert.us-cert.gov/advisories/ICSA-17-187-03",
                  "refsource": "MISC",
                  "url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-187-03"
                },
                {
                  "name": "75948",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/75948"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2015-5374",
        "datePublished": "2015-07-18T10:00:00.000Z",
        "dateReserved": "2015-07-06T00:00:00.000Z",
        "dateUpdated": "2024-09-17T02:15:53.925Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }