SIEMENS-SSA-894058 · Published 2025-08-12 · View on Siemens ProductCERT ↗

SSA-894058 V1.0: Improper Bandwidth Limitation of Network Packets Over Local USB Port Vulnerability in SIPROTEC 5

CVSS N/A MEDIUM

Risk Summary

<p>Affected SIPROTEC 5 devices do not properly limit the bandwidth for incoming network packets over their local USB port. This could allow an attacker with physical access to send specially crafted packets with high bandwidth to the affected devices thus forcing them to exhaust their memory and stop responding to any network traffic via the local USB port. Affected devices reset themselves automatically after a successful attack and the protection function is not affected of this vulnerability.</p> <p>Siemens has released new versions for the affected products and recommends to update to the latest versions.</p>

Remediations

Refer to Siemens ProductCERT advisory for patch and remediation guidance.

Affected Vendors

Siemens

Affected Products (1)

Siemens · SSA-894058 V1.0: Improper Bandwidth Limitation of Network Packets Over Local USB Port Vulnerability in SIPROTEC 5 See advisory

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more