NVD - CVE-2015-5374
Archived: 2026-04-05 15:13:13 UTC
Description
A vulnerability has been identified in Firmware variant PROFINET IO for EN100 Ethernet module : All versions <
V1.04.01; Firmware variant Modbus TCP for EN100 Ethernet module : All versions < V1.11.00; Firmware variant DNP3
TCP for EN100 Ethernet module : All versions < V1.03; Firmware variant IEC 104 for EN100 Ethernet module : All
versions < V1.21; EN100 Ethernet module included in SIPROTEC Merging Unit 6MU80 : All versions < 1.02.02.
Specially crafted packets sent to port 50000/UDP could cause a denial-of-service of the affected device. A manual reboot
may be required to recover the service of the device.
Metrics
 
NVD enrichment efforts reference publicly available information to associate vector strings. CVSS information contributed by other sources is
also displayed.
CVSS 2.0 Severity and Vector Strings:
https://nvd.nist.gov/vuln/detail/CVE-2015-5374
Page 1 of 4

NIST: NVD
Vector:  (AV:N/AC:L/Au:N/C:N/I:N/A:C)
References to Advisories, Solutions, and Tools
By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because
they may have information that would be of interest to you. No inferences should be drawn on account of other sites being
referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does
not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not
endorse any commercial products that may be mentioned on these sites. Please address comments about this page to
nvd@nist.gov.
URL Source(s) Tag(s)
http://www.securityfocus.com/bid/75948
CVE,
MITRE
http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-732541.pdfCVE,
MITRE
Patch 
Vendor
Advisory 
https://nvd.nist.gov/vuln/detail/CVE-2015-5374
Page 2 of 4

URL Source(s) Tag(s)
https://ics-cert.us-cert.gov/advisories/ICSA-15-202-01
CVE,
MITRE
https://ics-cert.us-cert.gov/advisories/ICSA-17-187-03
CVE,
MITRE
https://www.exploit-db.com/exploits/44103/
CVE,
MITRE
https://www.siemens.com/cert/pool/cert/siemens_security_advisory_SSA-323211.pdf
CVE,
MITRE
Weakness Enumeration
CWE-ID CWE Name Source
CWE-19 Data Processing Errors
NIST  
Known Affected Software Configurations Switch to CPE 2.2
Configuration 1 ( hide )
 cpe:2.3:o:siemens:siprotec_firmware:4.24:*:*:*:*:*:*:*
   Show Matching CPE(s)
Running on/with
 cpe:2.3:h:siemens:siprotec_4:*:*:*:*:*:*:*:*
   Show Matching CPE(s)
 cpe:2.3:h:siemens:siprotec_compact:*:*:*:*:*:*:*:*
   Show Matching CPE(s)
Denotes Vulnerable Software
Are we missing a CPE here? Please let us know.
Change History
10 change records found show changes
https://nvd.nist.gov/vuln/detail/CVE-2015-5374
Page 3 of 4

Source: https://nvd.nist.gov/vuln/detail/CVE-2015-5374
https://nvd.nist.gov/vuln/detail/CVE-2015-5374
Page 4 of 4