CVE-2015-5374

Severity: HIGH
Published: 2015-07-18
CVSS 2.0 base score: 7.8

CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C

Attack Vector: Network
Attack Complexity: Low
Confidentiality: None
Integrity: None
Availability: Complete

Lifecycle Timeline

Analysis Generated: Mar 26, 2026 - 11:18 (vuln.today)
PoC Detected: Apr 12, 2025 - 10:46 (vuln.today), public exploit code
Patch Released: Apr 12, 2025 - 10:46 (nvd), patch available
CVE Published: Jul 18, 2015 - 10:59 (nvd), HIGH 7.8

Description

A vulnerability has been identified in Firmware variant PROFINET IO for EN100 Ethernet module: All versions < V1.04.01; Firmware variant Modbus TCP for EN100 Ethernet module: All versions < V1.11.00; Firmware variant DNP3 TCP for EN100 Ethernet module: All versions < V1.03; Firmware variant IEC 104 for EN100 Ethernet module: All versions < V1.21; EN100 Ethernet module included in SIPROTEC Merging Unit 6MU80: All versions < 1.02.02. Specially crafted packets sent to port 50000/UDP could cause a denial-of-service of the affected device. A manual reboot may be required to recover the service of the device.

Analysis

Siemens EN100 Ethernet module firmware across multiple protocol variants (PROFINET IO, Modbus TCP, DNP3 TCP, IEC 104) contains a vulnerability that allows remote attackers to cause a denial-of-service condition by sending specially crafted packets. The affected module crashes and requires a manual cold restart to recover, impacting industrial control system availability.

Technical Context

The EN100 Ethernet module provides network connectivity for Siemens SIPROTEC protection relays used in electrical substations. Specially crafted packets sent to port 50000/UDP on the module trigger a crash condition across all protocol variants (PROFINET IO, Modbus TCP, DNP3 TCP, IEC 104). The device cannot recover automatically and requires a manual power cycle, which in substation environments means physical access to the relay.

Affected Products

- Siemens EN100 PROFINET IO < V1.04.01
- Siemens EN100 Modbus TCP < V1.11.00
- Siemens EN100 DNP3 TCP < V1.03
- Siemens EN100 IEC 104 < V1.21
- SIPROTEC 4/Compact protection relays

Remediation

Update EN100 firmware to the patched versions. Implement network segmentation isolating protection relay networks from corporate IT. Deploy IDS rules monitoring for malformed packets sent to port 50000/UDP on EN100 modules. Maintain documented procedures for emergency cold restart of protection relays.
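To act on the firmware-update step, the following added example (not part of the original advisory or any Siemens tooling) triages an asset inventory against the fixed versions listed in the Description. The inventory layout, asset names and sample versions are constructed, and comparing version components numerically is an assumption about the version scheme.

```python
import re

# Fixed-version thresholds copied from the Description on this page.
FIXED = {
    "PROFINET IO": "V1.04.01",
    "Modbus TCP": "V1.11.00",
    "DNP3 TCP": "V1.03",
    "IEC 104": "V1.21",
    "6MU80": "1.02.02",
}

def parse_version(text):
    """'V1.04.01' -> (1, 4, 1); raises ValueError on anything else."""
    m = re.fullmatch(r"[Vv]?(\d+(?:\.\d+)*)", text.strip())
    if not m:
        raise ValueError(f"unparseable version: {text!r}")
    return tuple(int(p) for p in m.group(1).split("."))

def is_affected(variant, version):
    """True if version is below the fixed release for this variant."""
    fixed = parse_version(FIXED[variant])  # KeyError for unlisted variants
    have = parse_version(version)
    # Assumption: components compare numerically; pad so V1.03 == V1.03.00.
    width = max(len(fixed), len(have))
    pad = lambda v: v + (0,) * (width - len(v))
    return pad(have) < pad(fixed)

def triage(inventory):
    """Return (affected, unknown) lists of asset names."""
    affected, unknown = [], []
    for asset in inventory:
        try:
            if is_affected(asset["variant"], asset["version"]):
                affected.append(asset["name"])
        except (KeyError, ValueError):
            # Unlisted variant or unreadable version: review by hand,
            # never assume the device is patched.
            unknown.append(asset["name"])
    return affected, unknown

# Constructed sample inventory (hypothetical asset names and versions).
SAMPLE = [
    {"name": "relay-a", "variant": "PROFINET IO", "version": "V1.04.00"},
    {"name": "relay-b", "variant": "Modbus TCP", "version": "V1.11.00"},
    {"name": "relay-c", "variant": "DNP3 TCP", "version": "V1.02.09"},
    {"name": "relay-d", "variant": "IEC 104", "version": "V1.20"},
    {"name": "relay-e", "variant": "unlisted-variant", "version": "V4.20"},
    {"name": "mu-1", "variant": "6MU80", "version": "unknown"},
]
```

Assets returned in the second list need manual review rather than being treated as patched.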

Priority Score

154
KEV: 0
EPSS: +84.7
CVSS: +39
POC: +20
