Main
Vulnerability Database
Exploits
ID:6425 - Exploit for Denial of service in SIPROTEC 4 and Siprotec Compact - CVE-2015-5374
ID:6425 - Exploit for Denial of service in SIPROTEC 4 and Siprotec Compact - CVE-2015-5374
Published: June 17, 2021
Vulnerability identifier: #VU7379
Vulnerability risk: Medium
CVE-ID: CVE-2015-5374
CWE-ID: CWE-20
Exploitation vector: Remote access
Vulnerable software:
SIPROTEC 4
Siprotec Compact
SIPROTEC 4
Siprotec Compact
Link to public exploit:
Vulnerability description
The vulnerability allows a remote attacker to cause DoS condition on the target system.
The weakness exists due to an error in the EN100 module. A remote attacker can send specially crafted packets to UDP port 50000 and cause the system to crash.
Successful exploitation of the vulnerability results in denial of service.
The weakness exists due to an error in the EN100 module. A remote attacker can send specially crafted packets to UDP port 50000 and cause the system to crash.
Successful exploitation of the vulnerability results in denial of service.
Remediation
Update SIPROTEC 4 to version 4.25.
Update SIPROTEC Compact to version 4.25.
Update SIPROTEC Compact to version 4.25.