CVE-2019-19279
HIGHSIPROTEC 4 and SIPROTEC Compact - Denial of Service via Crafted UDP Packets to Port 50000
Title source: llmDescription
A vulnerability has been identified in SIPROTEC 4 and SIPROTEC Compact relays equipped with EN100 Ethernet communication modules (All versions). Specially crafted packets sent to port 50000/UDP of the EN100 Ethernet communication modules could cause a Denial-of-Service of the affected device. A manual reboot is required to recover the service of the device. At the time of advisory publication no public exploitation of this security vulnerability was known to Siemens.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_misc
https://cert-portal.siemens.com/productcert/pdf/ssa-974843.pdf
Scores
CVSS v3
7.5
EPSS
0.0027
EPSS Percentile
50.4%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Details
CWE
CWE-20
Status
published
Products (2)
siemens/siprotec_4
siemens/siprotec_compact
Published
Mar 10, 2020
Tracked Since
Feb 18, 2026