high
7.5
CWE
20
Advisory Published
Updated

CVE-2021-41769: Input Validation

First published: Tue Jan 11 2022(Updated: )

A vulnerability has been identified in SIPROTEC 5 6MD85 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 6MD86 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 6MD89 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 6MU85 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7KE85 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7SA82 devices (CPU variant CP100) (All versions < V8.83), SIPROTEC 5 7SA86 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7SA87 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7SD82 devices (CPU variant CP100) (All versions < V8.83), SIPROTEC 5 7SD86 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7SD87 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7SJ81 devices (CPU variant CP100) (All versions < V8.83), SIPROTEC 5 7SJ82 devices (CPU variant CP100) (All versions < V8.83), SIPROTEC 5 7SJ85 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7SJ86 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7SK82 devices (CPU variant CP100) (All versions < V8.83), SIPROTEC 5 7SK85 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7SL82 devices (CPU variant CP100) (All versions < V8.83), SIPROTEC 5 7SL86 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7SL87 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7SS85 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7ST85 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7SX85 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7UM85 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7UT82 devices (CPU variant CP100) (All versions < V8.83), SIPROTEC 5 7UT85 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7UT86 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7UT87 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7VE85 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7VK87 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 Compact 7SX800 devices (CPU variant CP050) (All versions < V8.83). An improper input validation vulnerability in the web server could allow an unauthenticated user to access device information.

Credit: productcert@siemens.com

Affected SoftwareAffected VersionHow to fix
Siemens 6md85<8.83
Siemens 6MD85 Firmware
Siemens 6MD86 Firmware<8.83
Siemens 6MD86 Firmware
Siemens 6MD89 Firmware<8.83
Siemens 6MD89 Firmware
Siemens 6MU85<8.83
Siemens 6MU85 Firmware
Siemens 7KE85 Firmware<8.83
Siemens 7KE85 Firmware
Siemens 7SA82 Firmware<8.83
Siemens 7SA82 Firmware
Siemens 7SA86<8.83
Siemens 7SA86 Firmware
Siemens 7SA87 Firmware<8.83
Siemens 7SA87 Firmware
Siemens Siprotec 5 7sd82<8.83
Siemens Siprotec 5 7sd82
Siemens 7SD86 Firmware<8.83
Siemens 7SD86 firmware
Siemens 7SD87<8.83
Siemens 7SD87 Firmware
Siemens 7SJ81<8.83
Siemens 7SJ81
Siemens Siprotec 5 7SJ82<8.83
Siemens Siprotec 5 7SJ82
Siemens 7SJ85 firmware<8.83
Siemens 7SJ85 firmware
Siemens 7sj86<8.83
Siemens 7SJ86 Firmware
Siemens 7sk82<8.83
Siemens 7SK82 Firmware
Siemens 7SK85<8.83
Siemens 7SK85 Firmware
Siemens 7sl82<8.83
Siemens 7SL82 Firmware
Siemens 7SL86 Firmware<8.83
Siemens 7SL86 Firmware
Siemens 7SL87 Firmware<8.83
Siemens 7SL87 Firmware
Siemens 7SS85 Firmware<8.83
Siemens 7SS85 Firmware
Siemens 7ST85<8.83
Siemens 7ST85 Firmware
Siemens 7SX800<8.83
Siemens 7SX800 Firmware
Siemens 7SX85<8.83
Siemens 7SX85
Siemens 7UM85<8.83
Siemens 7UM85 Firmware
Siemens 7UT82 Firmware<8.83
Siemens 7UT82 Firmware
Siemens 7UT85 firmware<8.83
Siemens 7UT85 firmware
Siemens 7UT86<8.83
Siemens 7UT86 firmware
Siemens 7UT87<8.83
Siemens 7UT87 Firmware
Siemens 7VE85 Firmware<8.83
Siemens 7VE85 firmware
Siemens Siprotec 7VK87 Firmware<8.83
Siemens 7VK87

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Frequently Asked Questions

  • What is the severity of CVE-2021-41769?

    The severity of CVE-2021-41769 is high with a CVSS score of 7.5.

  • Which devices are affected by CVE-2021-41769?

    SIPROTEC 5 6MD85, 6MD86, 6MD89, and 6MU85 devices are affected by CVE-2021-41769.

  • What is the affected software version of CVE-2021-41769?

    The affected software version is < V8.83 for all the mentioned devices.

  • Where can I find more information about CVE-2021-41769?

    More information about CVE-2021-41769 can be found at the following reference: [link](https://cert-portal.siemens.com/productcert/pdf/ssa-439673.pdf)

  • What is the CWE ID for CVE-2021-41769?

    The CWE ID for CVE-2021-41769 is 20.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203