Siemens Siprotec 5 Firmware vulnerabilities

9 known vulnerabilities affecting siemens/siprotec_5_firmware.

Total CVEs
9
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
CRITICAL4HIGH4MEDIUM1

Vulnerabilities

Page 1 of 1
CVE-2019-12255CRITICALCVSS 9.8PoCfixed in 7.912019-08-09
CVE-2019-12255 [CRITICAL] CWE-120 CVE-2019-12255: Wind River VxWorks has a Buffer Overflow in the TCP component (issue 1 of 4). This is a IPNET securi Wind River VxWorks has a Buffer Overflow in the TCP component (issue 1 of 4). This is a IPNET security vulnerability: TCP Urgent Pointer = 0 that leads to an integer underflow.
nvd
CVE-2019-12256CRITICALCVSS 9.8fixed in 7.59fixed in 7.912019-08-09
CVE-2019-12256 [CRITICAL] CWE-120 CVE-2019-12256: Wind River VxWorks 6.9 and vx7 has a Buffer Overflow in the IPv4 component. There is an IPNET securi Wind River VxWorks 6.9 and vx7 has a Buffer Overflow in the IPv4 component. There is an IPNET security vulnerability: Stack overflow in the parsing of IPv4 packets’ IP options.
nvd
CVE-2019-12261CRITICALCVSS 9.8fixed in 7.59fixed in 7.912019-08-09
CVE-2019-12261 [CRITICAL] CWE-120 CVE-2019-12261: Wind River VxWorks 6.7 though 6.9 and vx7 has a Buffer Overflow in the TCP component (issue 3 of 4). Wind River VxWorks 6.7 though 6.9 and vx7 has a Buffer Overflow in the TCP component (issue 3 of 4). This is an IPNET security vulnerability: TCP Urgent Pointer state confusion during connect() to a remote host.
nvd
CVE-2019-12260CRITICALCVSS 9.8fixed in 7.59fixed in 7.912019-08-09
CVE-2019-12260 [CRITICAL] CWE-120 CVE-2019-12260: Wind River VxWorks 6.9 and vx7 has a Buffer Overflow in the TCP component (issue 2 of 4). This is an Wind River VxWorks 6.9 and vx7 has a Buffer Overflow in the TCP component (issue 2 of 4). This is an IPNET security vulnerability: TCP Urgent Pointer state confusion caused by a malformed TCP AO option.
nvd
CVE-2019-12257HIGHCVSS 8.8fixed in 7.59fixed in 7.912019-08-09
CVE-2019-12257 [HIGH] CWE-120 CVE-2019-12257: Wind River VxWorks 6.6 through 6.9 has a Buffer Overflow in the DHCP client component. There is an I Wind River VxWorks 6.6 through 6.9 has a Buffer Overflow in the DHCP client component. There is an IPNET security vulnerability: Heap overflow in DHCP Offer/ACK parsing inside ipdhcpc.
nvd
CVE-2019-12263HIGHCVSS 8.1fixed in 7.59fixed in 7.912019-08-09
CVE-2019-12263 [HIGH] CWE-362 CVE-2019-12263: Wind River VxWorks 6.9.4 and vx7 has a Buffer Overflow in the TCP component (issue 4 of 4). There is Wind River VxWorks 6.9.4 and vx7 has a Buffer Overflow in the TCP component (issue 4 of 4). There is an IPNET security vulnerability: TCP Urgent Pointer state confusion due to race condition.
nvd
CVE-2019-12259HIGHCVSS 7.5fixed in 7.59fixed in 7.912019-08-09
CVE-2019-12259 [HIGH] CWE-476 CVE-2019-12259: Wind River VxWorks 6.6, 6.7, 6.8, 6.9 and vx7 has an array index error in the IGMPv3 client componen Wind River VxWorks 6.6, 6.7, 6.8, 6.9 and vx7 has an array index error in the IGMPv3 client component. There is an IPNET security vulnerability: DoS via NULL dereference in IGMP parsing.
nvd
CVE-2019-12258HIGHCVSS 7.5PoCfixed in 7.59fixed in 7.912019-08-09
CVE-2019-12258 [HIGH] CWE-384 CVE-2019-12258: Wind River VxWorks 6.6 through vx7 has Session Fixation in the TCP component. This is a IPNET securi Wind River VxWorks 6.6 through vx7 has Session Fixation in the TCP component. This is a IPNET security vulnerability: DoS of TCP connection via malformed TCP options.
nvd
CVE-2019-12265MEDIUMCVSS 5.3fixed in 7.91fixed in 7.592019-08-09
CVE-2019-12265 [MEDIUM] CWE-401 CVE-2019-12265: Wind River VxWorks 6.5, 6.6, 6.7, 6.8, 6.9.3 and 6.9.4 has a Memory Leak in the IGMPv3 client compon Wind River VxWorks 6.5, 6.6, 6.7, 6.8, 6.9.3 and 6.9.4 has a Memory Leak in the IGMPv3 client component. There is an IPNET security vulnerability: IGMP Information leak via IGMPv3 specific membership report.
nvd