Siemens SIPROTEC 5 6MD85
Easy fix2 remedies
cpe:2.3:h:siemens:siprotec_5_6md85:*:*:*:*:*:*:*, +1 more
Easy fix2 remedies
- < V9.90
Siemens SIPROTEC 5 Development Shell Access Vulnerability via Physical Interface
Vulnerability
Patched
A vulnerability exists in multiple SIPROTEC 5 products, all versions prior to V9.90, except for CP200 devices where no fix is planned. The issue arises because these devices do not properly restrict access to a development shell via a physical interface. This flaw could enable an unauthenticated attacker with physical access to the device to execute arbitrary commands.
Impact
Exploitation of this vulnerability could lead to unauthorized command execution on the affected device.
Remediation
Siemens has released a patch for several affected products, recommending an update to V9.90 or later. For products where no fix is available, such as SIPROTEC 5 CP200 devices, Siemens advises following specific workarounds and mitigations. General security recommendations include restricting physical access to authorized individuals, applying security updates, and protecting network access with appropriate mechanisms.
Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM
Vulnerability Rating
Custom Algorithm
spread
4.5impact
7.5exploitability
3.5remediation
7.9relevance
0.0threat
0.0urgency
2.9incentive
1.7Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.