Primary

Context

Siemens Energy Services Elspec G5DFR Default Credentials Vulnerability

Vulnerability

A vulnerability exists in Siemens Energy Services solutions that utilize the Elspec G5 Digital Fault Recorder, all versions with G5DFR. These affected solutions contain default credentials that grant admin privileges. An attacker could exploit this vulnerability to gain remote control of the G5DFR component and manipulate the device's output.

Impact

Exploitation of this vulnerability could lead to unauthorized remote control of the G5DFR component, allowing an attacker to tamper with the device's outputs.

Remediation

Users are advised to change the default usernames, passwords, and permission levels using the G5DFR web interface. For further assistance, contact Siemens customer support.

Added: Jun 10, 2025, 4:37 PM

Updated: Jun 10, 2025, 4:37 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

6.2

remediation

0.0

relevance

0.2

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

6.2

remediation

0.0

relevance

0.2

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Siemens Energy Services Elspec G5DFR Default Credentials Vulnerability

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating