N/A

A vulnerability has been identified in SIPROTEC 5 devices with CPU variants CP200 (All versions < V7.59), SIPROTEC 5 devices with CPU variants CP300 and CP100 (All versions < V8.01), Siemens Power Meters Series 9410 (All versions < V2.2.1), Siemens Power Meters Series 9810 (All versions). An unauthenticated attacker with network access to the device could potentially insert arbitrary code which is executed before firmware verification in the device. At the time of advisory publication no public exploitation of this security vulnerability was known.

N/A

访问控制不恰当

Siemens SIPROTEC 5和Power Meters 访问控制错误漏洞

Siemens SIPROTEC 5是德国西门子（Siemens）公司的一款多功能继电器。 Siemens SIPROTEC 5（带有CPU variants CP200 V7.59之前版本、CPU variants CP300和CP100 V8.01之前版本）、Siemens Power Meters Series 9410 V2.2.1之前版本和Siemens Power Meters Series 9810所有版本中存在访问控制错误漏洞。攻击者可利用该漏洞注入并执行任意代码。

N/A

N/A