CNVD-2019-22240

Vulnerability from cnvd - Published: 2019-07-12
VLAI Severity ?
Title
Siemens SIPROTEC 5和Siemens DIGISI 5拒绝服务漏洞
Description
Siemens SIPROTEC 5和Siemens DIGISI 5都是德国西门子(Siemens)公司的产品。Siemens SIPROTEC 5是一款多功能继电器。Siemens DIGISI 5是一套用于Siemens SIPROTEC设备的用户界面。 Siemens SIPROTEC 5和Siemens DIGISI 5存在拒绝服务漏洞。攻击者可借助特制的数据包利用该漏洞造成拒绝服务。
Severity
Patch Name
Siemens SIPROTEC 5和Siemens DIGISI 5拒绝服务漏洞的补丁
Patch Description
Siemens SIPROTEC 5和Siemens DIGISI 5都是德国西门子(Siemens)公司的产品。Siemens SIPROTEC 5是一款多功能继电器。Siemens DIGISI 5是一套用于Siemens SIPROTEC设备的用户界面。 Siemens SIPROTEC 5和Siemens DIGISI 5存在拒绝服务漏洞。攻击者可借助特制的数据包利用该漏洞造成拒绝服务。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description

目前厂商已发布升级补丁以修复漏洞,补丁获取链接: https://cert-portal.siemens.com/productcert/pdf/ssa-899560.pdf

Reference
https://cert-portal.siemens.com/productcert/pdf/ssa-899560.pdf
Impacted products
Name
['Siemens DIGSI 5 < V7.90', 'Siemens SIPROTEC 5']
Show details on source website
To clipboard 

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2019-10931"
    }
  },
  "description": "Siemens SIPROTEC 5\u548cSiemens DIGISI 5\u90fd\u662f\u5fb7\u56fd\u897f\u95e8\u5b50\uff08Siemens\uff09\u516c\u53f8\u7684\u4ea7\u54c1\u3002Siemens SIPROTEC 5\u662f\u4e00\u6b3e\u591a\u529f\u80fd\u7ee7\u7535\u5668\u3002Siemens DIGISI 5\u662f\u4e00\u5957\u7528\u4e8eSiemens SIPROTEC\u8bbe\u5907\u7684\u7528\u6237\u754c\u9762\u3002\n\nSiemens SIPROTEC 5\u548cSiemens DIGISI 5\u5b58\u5728\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u501f\u52a9\u7279\u5236\u7684\u6570\u636e\u5305\u5229\u7528\u8be5\u6f0f\u6d1e\u9020\u6210\u62d2\u7edd\u670d\u52a1\u3002",
  "discovererName": "Siemens",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttps://cert-portal.siemens.com/productcert/pdf/ssa-899560.pdf",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2019-22240",
  "openTime": "2019-07-12",
  "patchDescription": "Siemens SIPROTEC 5\u548cSiemens DIGISI 5\u90fd\u662f\u5fb7\u56fd\u897f\u95e8\u5b50\uff08Siemens\uff09\u516c\u53f8\u7684\u4ea7\u54c1\u3002Siemens SIPROTEC 5\u662f\u4e00\u6b3e\u591a\u529f\u80fd\u7ee7\u7535\u5668\u3002Siemens DIGISI 5\u662f\u4e00\u5957\u7528\u4e8eSiemens SIPROTEC\u8bbe\u5907\u7684\u7528\u6237\u754c\u9762\u3002\r\n\r\nSiemens SIPROTEC 5\u548cSiemens DIGISI 5\u5b58\u5728\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u501f\u52a9\u7279\u5236\u7684\u6570\u636e\u5305\u5229\u7528\u8be5\u6f0f\u6d1e\u9020\u6210\u62d2\u7edd\u670d\u52a1\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Siemens SIPROTEC 5\u548cSiemens DIGISI 5\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Siemens DIGSI 5 \u003c V7.90",
      "Siemens SIPROTEC 5"
    ]
  },
  "referenceLink": "https://cert-portal.siemens.com/productcert/pdf/ssa-899560.pdf",
  "serverity": "\u9ad8",
  "submitTime": "2019-07-10",
  "title": "Siemens SIPROTEC 5\u548cSiemens DIGISI 5\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e"
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.