Vulnerabilites related to Siemens - Nucleus Source Code
cve-2021-25664
Vulnerability from cvelistv5
Published
2021-04-22 20:42
Modified
2025-03-11 09:47
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in Capital Embedded AR Classic 431-422 (All versions), Capital Embedded AR Classic R20-11 (All versions < V2303), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.4), Nucleus ReadyStart V4 (All versions < V4.1.0), Nucleus Source Code (All versions including affected IPv6 stack). The function that processes the Hop-by-Hop extension header in IPv6 packets and its options lacks any checks against the length field of the header, allowing attackers to put the function into an infinite loop by supplying arbitrary length values.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | Capital Embedded AR Classic 431-422 |
Version: 0 < * |
||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T20:11:27.513Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-248289.pdf", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://us-cert.cisa.gov/ics/advisories/icsa-21-103-05", }, { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/html/ssa-248289.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unknown", product: "Capital Embedded AR Classic 431-422", vendor: "Siemens", versions: [ { lessThan: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "Capital Embedded AR Classic R20-11", vendor: "Siemens", versions: [ { lessThan: "V2303", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "Nucleus NET", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "Nucleus ReadyStart V3", vendor: "Siemens", versions: [ { lessThan: "V2017.02.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "Nucleus ReadyStart V4", vendor: "Siemens", versions: [ { lessThan: "V4.1.0", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "Nucleus Source Code", vendor: "Siemens", versions: [ { lessThan: "*", status: "affected", version: "0", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in Capital Embedded AR Classic 431-422 (All versions), Capital Embedded AR Classic R20-11 (All versions < V2303), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.4), Nucleus ReadyStart V4 (All versions < V4.1.0), Nucleus Source Code (All versions including affected IPv6 stack). The function that processes the Hop-by-Hop extension header in IPv6 packets and its options lacks any checks against the length field of the header, allowing attackers to put the function into an infinite loop by supplying arbitrary length values.", }, ], metrics: [ { cvssV3_1: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, }, { cvssV4_0: { baseScore: 8.7, baseSeverity: "HIGH", vectorString: "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N", version: "4.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-835", description: "CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-03-11T09:47:35.103Z", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-248289.pdf", }, { tags: [ "x_refsource_MISC", ], url: "https://us-cert.cisa.gov/ics/advisories/icsa-21-103-05", }, { url: "https://cert-portal.siemens.com/productcert/html/ssa-248289.html", }, ], }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2021-25664", datePublished: "2021-04-22T20:42:20", dateReserved: "2021-01-21T00:00:00", dateUpdated: "2025-03-11T09:47:35.103Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-31886
Vulnerability from cvelistv5
Published
2021-11-09 11:31
Modified
2024-08-03 23:10
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC) (P2 Ethernet) (All versions), APOGEE MEC (PPC) (BACnet) (All versions), APOGEE MEC (PPC) (P2 Ethernet) (All versions), APOGEE PXC Compact (BACnet) (All versions < V3.5.4), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.19), APOGEE PXC Modular (BACnet) (All versions < V3.5.4), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.19), Desigo PXC00-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC00-U (All versions >= V2.3 and < V6.30.016), Desigo PXC001-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC100-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC12-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC128-U (All versions >= V2.3 and < V6.30.016), Desigo PXC200-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC22-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC22.1-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC36.1-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC50-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC64-U (All versions >= V2.3 and < V6.30.016), Desigo PXM20-E (All versions >= V2.3 and < V6.30.016), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.4), Nucleus Source Code (All versions), TALON TC Compact (BACnet) (All versions < V3.5.4), TALON TC Modular (BACnet) (All versions < V3.5.4). FTP server does not properly validate the length of the “USER” command, leading to stack-based buffer overflows. This may result in Denial-of-Service conditions and Remote Code Execution. (FSMD-2021-0010)
References
| ▼ | URL | Tags |
|---|---|---|
| https://cert-portal.siemens.com/productcert/pdf/ssa-114589.pdf | x_refsource_MISC | |
| https://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | APOGEE MBC (PPC) (BACnet) |
Version: All versions |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T23:10:30.838Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-114589.pdf", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "APOGEE MBC (PPC) (BACnet)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { product: "APOGEE MBC (PPC) (P2 Ethernet)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { product: "APOGEE MEC (PPC) (BACnet)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { product: "APOGEE MEC (PPC) (P2 Ethernet)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { product: "APOGEE PXC Compact (BACnet)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.5.4", }, ], }, { product: "APOGEE PXC Compact (P2 Ethernet)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2.8.19", }, ], }, { product: "APOGEE PXC Modular (BACnet)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.5.4", }, ], }, { product: "APOGEE PXC Modular (P2 Ethernet)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2.8.19", }, ], }, { product: "Desigo PXC00-E.D", vendor: "Siemens", versions: [ { status: "affected", version: "All versions >= V2.3 and < V6.30.016", }, ], }, { product: "Desigo PXC00-U", vendor: "Siemens", versions: [ { status: "affected", version: "All versions >= V2.3 and < V6.30.016", }, ], }, { product: "Desigo PXC001-E.D", vendor: "Siemens", versions: [ { status: "affected", version: "All versions >= V2.3 and < V6.30.016", }, ], }, { product: "Desigo PXC100-E.D", vendor: "Siemens", versions: [ { status: "affected", version: "All versions >= V2.3 and < V6.30.016", }, ], }, { product: "Desigo PXC12-E.D", vendor: "Siemens", versions: [ { status: "affected", version: "All versions >= V2.3 and < V6.30.016", }, ], }, { product: "Desigo PXC128-U", vendor: "Siemens", versions: [ { status: "affected", version: "All versions >= V2.3 and < V6.30.016", }, ], }, { product: "Desigo PXC200-E.D", vendor: "Siemens", versions: [ { status: "affected", version: "All versions >= V2.3 and < V6.30.016", }, ], }, { product: "Desigo PXC22-E.D", vendor: "Siemens", versions: [ { status: "affected", version: "All versions >= V2.3 and < V6.30.016", }, ], }, { product: "Desigo PXC22.1-E.D", vendor: "Siemens", versions: [ { status: "affected", version: "All versions >= V2.3 and < V6.30.016", }, ], }, { product: "Desigo PXC36.1-E.D", vendor: "Siemens", versions: [ { status: "affected", version: "All versions >= V2.3 and < V6.30.016", }, ], }, { product: "Desigo PXC50-E.D", vendor: "Siemens", versions: [ { status: "affected", version: "All versions >= V2.3 and < V6.30.016", }, ], }, { product: "Desigo PXC64-U", vendor: "Siemens", versions: [ { status: "affected", version: "All versions >= V2.3 and < V6.30.016", }, ], }, { product: "Desigo PXM20-E", vendor: "Siemens", versions: [ { status: "affected", version: "All versions >= V2.3 and < V6.30.016", }, ], }, { product: "Nucleus NET", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { product: "Nucleus ReadyStart V3", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2017.02.4", }, ], }, { product: "Nucleus Source Code", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { product: "TALON TC Compact (BACnet)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.5.4", }, ], }, { product: "TALON TC Modular (BACnet)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.5.4", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC) (P2 Ethernet) (All versions), APOGEE MEC (PPC) (BACnet) (All versions), APOGEE MEC (PPC) (P2 Ethernet) (All versions), APOGEE PXC Compact (BACnet) (All versions < V3.5.4), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.19), APOGEE PXC Modular (BACnet) (All versions < V3.5.4), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.19), Desigo PXC00-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC00-U (All versions >= V2.3 and < V6.30.016), Desigo PXC001-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC100-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC12-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC128-U (All versions >= V2.3 and < V6.30.016), Desigo PXC200-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC22-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC22.1-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC36.1-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC50-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC64-U (All versions >= V2.3 and < V6.30.016), Desigo PXM20-E (All versions >= V2.3 and < V6.30.016), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.4), Nucleus Source Code (All versions), TALON TC Compact (BACnet) (All versions < V3.5.4), TALON TC Modular (BACnet) (All versions < V3.5.4). FTP server does not properly validate the length of the “USER” command, leading to stack-based buffer overflows. This may result in Denial-of-Service conditions and Remote Code Execution. (FSMD-2021-0010)", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-170", description: "CWE-170: Improper Null Termination", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-05-10T09:46:35", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-114589.pdf", }, { tags: [ "x_refsource_MISC", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "productcert@siemens.com", ID: "CVE-2021-31886", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "APOGEE MBC (PPC) (BACnet)", version: { version_data: [ { version_value: "All versions", }, ], }, }, { product_name: "APOGEE MBC (PPC) (P2 Ethernet)", version: { version_data: [ { version_value: "All versions", }, ], }, }, { product_name: "APOGEE MEC (PPC) (BACnet)", version: { version_data: [ { version_value: "All versions", }, ], }, }, { product_name: "APOGEE MEC (PPC) (P2 Ethernet)", version: { version_data: [ { version_value: "All versions", }, ], }, }, { product_name: "APOGEE PXC Compact (BACnet)", version: { version_data: [ { version_value: "All versions < V3.5.4", }, ], }, }, { product_name: "APOGEE PXC Compact (P2 Ethernet)", version: { version_data: [ { version_value: "All versions < V2.8.19", }, ], }, }, { product_name: "APOGEE PXC Modular (BACnet)", version: { version_data: [ { version_value: "All versions < V3.5.4", }, ], }, }, { product_name: "APOGEE PXC Modular (P2 Ethernet)", version: { version_data: [ { version_value: "All versions < V2.8.19", }, ], }, }, { product_name: "Desigo PXC00-E.D", version: { version_data: [ { version_value: "All versions >= V2.3 and < V6.30.016", }, ], }, }, { product_name: "Desigo PXC00-U", version: { version_data: [ { version_value: "All versions >= V2.3 and < V6.30.016", }, ], }, }, { product_name: "Desigo PXC001-E.D", version: { version_data: [ { version_value: "All versions >= V2.3 and < V6.30.016", }, ], }, }, { product_name: "Desigo PXC100-E.D", version: { version_data: [ { version_value: "All versions >= V2.3 and < V6.30.016", }, ], }, }, { product_name: "Desigo PXC12-E.D", version: { version_data: [ { version_value: "All versions >= V2.3 and < V6.30.016", }, ], }, }, { product_name: "Desigo PXC128-U", version: { version_data: [ { version_value: "All versions >= V2.3 and < V6.30.016", }, ], }, }, { product_name: "Desigo PXC200-E.D", version: { version_data: [ { version_value: "All versions >= V2.3 and < V6.30.016", }, ], }, }, { product_name: "Desigo PXC22-E.D", version: { version_data: [ { version_value: "All versions >= V2.3 and < V6.30.016", }, ], }, }, { product_name: "Desigo PXC22.1-E.D", version: { version_data: [ { version_value: "All versions >= V2.3 and < V6.30.016", }, ], }, }, { product_name: "Desigo PXC36.1-E.D", version: { version_data: [ { version_value: "All versions >= V2.3 and < V6.30.016", }, ], }, }, { product_name: "Desigo PXC50-E.D", version: { version_data: [ { version_value: "All versions >= V2.3 and < V6.30.016", }, ], }, }, { product_name: "Desigo PXC64-U", version: { version_data: [ { version_value: "All versions >= V2.3 and < V6.30.016", }, ], }, }, { product_name: "Desigo PXM20-E", version: { version_data: [ { version_value: "All versions >= V2.3 and < V6.30.016", }, ], }, }, { product_name: "Nucleus NET", version: { version_data: [ { version_value: "All versions", }, ], }, }, { product_name: "Nucleus ReadyStart V3", version: { version_data: [ { version_value: "All versions < V2017.02.4", }, ], }, }, { product_name: "Nucleus Source Code", version: { version_data: [ { version_value: "All versions", }, ], }, }, { product_name: "TALON TC Compact (BACnet)", version: { version_data: [ { version_value: "All versions < V3.5.4", }, ], }, }, { product_name: "TALON TC Modular (BACnet)", version: { version_data: [ { version_value: "All versions < V3.5.4", }, ], }, }, ], }, vendor_name: "Siemens", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC) (P2 Ethernet) (All versions), APOGEE MEC (PPC) (BACnet) (All versions), APOGEE MEC (PPC) (P2 Ethernet) (All versions), APOGEE PXC Compact (BACnet) (All versions < V3.5.4), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.19), APOGEE PXC Modular (BACnet) (All versions < V3.5.4), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.19), Desigo PXC00-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC00-U (All versions >= V2.3 and < V6.30.016), Desigo PXC001-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC100-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC12-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC128-U (All versions >= V2.3 and < V6.30.016), Desigo PXC200-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC22-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC22.1-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC36.1-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC50-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC64-U (All versions >= V2.3 and < V6.30.016), Desigo PXM20-E (All versions >= V2.3 and < V6.30.016), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.4), Nucleus Source Code (All versions), TALON TC Compact (BACnet) (All versions < V3.5.4), TALON TC Modular (BACnet) (All versions < V3.5.4). FTP server does not properly validate the length of the “USER” command, leading to stack-based buffer overflows. This may result in Denial-of-Service conditions and Remote Code Execution. (FSMD-2021-0010)", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-170: Improper Null Termination", }, ], }, ], }, references: { reference_data: [ { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-114589.pdf", refsource: "MISC", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-114589.pdf", }, { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf", refsource: "MISC", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2021-31886", datePublished: "2021-11-09T11:31:59", dateReserved: "2021-04-29T00:00:00", dateUpdated: "2024-08-03T23:10:30.838Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-31885
Vulnerability from cvelistv5
Published
2021-11-09 11:31
Modified
2024-08-03 23:10
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC) (P2 Ethernet) (All versions), APOGEE MEC (PPC) (BACnet) (All versions), APOGEE MEC (PPC) (P2 Ethernet) (All versions), APOGEE PXC Compact (BACnet) (All versions < V3.5.4), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.19), APOGEE PXC Modular (BACnet) (All versions < V3.5.4), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.19), Desigo PXC00-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC00-U (All versions >= V2.3 and < V6.30.016), Desigo PXC001-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC100-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC12-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC128-U (All versions >= V2.3 and < V6.30.016), Desigo PXC200-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC22-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC22.1-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC36.1-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC50-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC64-U (All versions >= V2.3 and < V6.30.016), Desigo PXM20-E (All versions >= V2.3 and < V6.30.016), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.4), Nucleus ReadyStart V4 (All versions < V4.1.1), Nucleus Source Code (All versions), PLUSCONTROL 1st Gen (All versions), TALON TC Compact (BACnet) (All versions < V3.5.4), TALON TC Modular (BACnet) (All versions < V3.5.4). TFTP server application allows for reading the contents of the TFTP memory buffer via sending malformed TFTP commands. (FSMD-2021-0009)
References
| ▼ | URL | Tags |
|---|---|---|
| https://cert-portal.siemens.com/productcert/pdf/ssa-114589.pdf | x_refsource_MISC | |
| https://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf | x_refsource_MISC | |
| https://cert-portal.siemens.com/productcert/pdf/ssa-845392.pdf | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | APOGEE MBC (PPC) (BACnet) |
Version: All versions |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T23:10:30.607Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-114589.pdf", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-845392.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "APOGEE MBC (PPC) (BACnet)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { product: "APOGEE MBC (PPC) (P2 Ethernet)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { product: "APOGEE MEC (PPC) (BACnet)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { product: "APOGEE MEC (PPC) (P2 Ethernet)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { product: "APOGEE PXC Compact (BACnet)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.5.4", }, ], }, { product: "APOGEE PXC Compact (P2 Ethernet)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2.8.19", }, ], }, { product: "APOGEE PXC Modular (BACnet)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.5.4", }, ], }, { product: "APOGEE PXC Modular (P2 Ethernet)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2.8.19", }, ], }, { product: "Desigo PXC00-E.D", vendor: "Siemens", versions: [ { status: "affected", version: "All versions >= V2.3 and < V6.30.016", }, ], }, { product: "Desigo PXC00-U", vendor: "Siemens", versions: [ { status: "affected", version: "All versions >= V2.3 and < V6.30.016", }, ], }, { product: "Desigo PXC001-E.D", vendor: "Siemens", versions: [ { status: "affected", version: "All versions >= V2.3 and < V6.30.016", }, ], }, { product: "Desigo PXC100-E.D", vendor: "Siemens", versions: [ { status: "affected", version: "All versions >= V2.3 and < V6.30.016", }, ], }, { product: "Desigo PXC12-E.D", vendor: "Siemens", versions: [ { status: "affected", version: "All versions >= V2.3 and < V6.30.016", }, ], }, { product: "Desigo PXC128-U", vendor: "Siemens", versions: [ { status: "affected", version: "All versions >= V2.3 and < V6.30.016", }, ], }, { product: "Desigo PXC200-E.D", vendor: "Siemens", versions: [ { status: "affected", version: "All versions >= V2.3 and < V6.30.016", }, ], }, { product: "Desigo PXC22-E.D", vendor: "Siemens", versions: [ { status: "affected", version: "All versions >= V2.3 and < V6.30.016", }, ], }, { product: "Desigo PXC22.1-E.D", vendor: "Siemens", versions: [ { status: "affected", version: "All versions >= V2.3 and < V6.30.016", }, ], }, { product: "Desigo PXC36.1-E.D", vendor: "Siemens", versions: [ { status: "affected", version: "All versions >= V2.3 and < V6.30.016", }, ], }, { product: "Desigo PXC50-E.D", vendor: "Siemens", versions: [ { status: "affected", version: "All versions >= V2.3 and < V6.30.016", }, ], }, { product: "Desigo PXC64-U", vendor: "Siemens", versions: [ { status: "affected", version: "All versions >= V2.3 and < V6.30.016", }, ], }, { product: "Desigo PXM20-E", vendor: "Siemens", versions: [ { status: "affected", version: "All versions >= V2.3 and < V6.30.016", }, ], }, { product: "Nucleus NET", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { product: "Nucleus ReadyStart V3", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2017.02.4", }, ], }, { product: "Nucleus ReadyStart V4", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.1", }, ], }, { product: "Nucleus Source Code", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { product: "PLUSCONTROL 1st Gen", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { product: "TALON TC Compact (BACnet)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.5.4", }, ], }, { product: "TALON TC Modular (BACnet)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.5.4", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC) (P2 Ethernet) (All versions), APOGEE MEC (PPC) (BACnet) (All versions), APOGEE MEC (PPC) (P2 Ethernet) (All versions), APOGEE PXC Compact (BACnet) (All versions < V3.5.4), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.19), APOGEE PXC Modular (BACnet) (All versions < V3.5.4), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.19), Desigo PXC00-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC00-U (All versions >= V2.3 and < V6.30.016), Desigo PXC001-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC100-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC12-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC128-U (All versions >= V2.3 and < V6.30.016), Desigo PXC200-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC22-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC22.1-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC36.1-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC50-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC64-U (All versions >= V2.3 and < V6.30.016), Desigo PXM20-E (All versions >= V2.3 and < V6.30.016), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.4), Nucleus ReadyStart V4 (All versions < V4.1.1), Nucleus Source Code (All versions), PLUSCONTROL 1st Gen (All versions), TALON TC Compact (BACnet) (All versions < V3.5.4), TALON TC Modular (BACnet) (All versions < V3.5.4). TFTP server application allows for reading the contents of the TFTP memory buffer via sending malformed TFTP commands. (FSMD-2021-0009)", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-805", description: "CWE-805: Buffer Access with Incorrect Length Value", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-05-10T09:46:34", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-114589.pdf", }, { tags: [ "x_refsource_MISC", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf", }, { tags: [ "x_refsource_MISC", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-845392.pdf", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "productcert@siemens.com", ID: "CVE-2021-31885", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "APOGEE MBC (PPC) (BACnet)", version: { version_data: [ { version_value: "All versions", }, ], }, }, { product_name: "APOGEE MBC (PPC) (P2 Ethernet)", version: { version_data: [ { version_value: "All versions", }, ], }, }, { product_name: "APOGEE MEC (PPC) (BACnet)", version: { version_data: [ { version_value: "All versions", }, ], }, }, { product_name: "APOGEE MEC (PPC) (P2 Ethernet)", version: { version_data: [ { version_value: "All versions", }, ], }, }, { product_name: "APOGEE PXC Compact (BACnet)", version: { version_data: [ { version_value: "All versions < V3.5.4", }, ], }, }, { product_name: "APOGEE PXC Compact (P2 Ethernet)", version: { version_data: [ { version_value: "All versions < V2.8.19", }, ], }, }, { product_name: "APOGEE PXC Modular (BACnet)", version: { version_data: [ { version_value: "All versions < V3.5.4", }, ], }, }, { product_name: "APOGEE PXC Modular (P2 Ethernet)", version: { version_data: [ { version_value: "All versions < V2.8.19", }, ], }, }, { product_name: "Desigo PXC00-E.D", version: { version_data: [ { version_value: "All versions >= V2.3 and < V6.30.016", }, ], }, }, { product_name: "Desigo PXC00-U", version: { version_data: [ { version_value: "All versions >= V2.3 and < V6.30.016", }, ], }, }, { product_name: "Desigo PXC001-E.D", version: { version_data: [ { version_value: "All versions >= V2.3 and < V6.30.016", }, ], }, }, { product_name: "Desigo PXC100-E.D", version: { version_data: [ { version_value: "All versions >= V2.3 and < V6.30.016", }, ], }, }, { product_name: "Desigo PXC12-E.D", version: { version_data: [ { version_value: "All versions >= V2.3 and < V6.30.016", }, ], }, }, { product_name: "Desigo PXC128-U", version: { version_data: [ { version_value: "All versions >= V2.3 and < V6.30.016", }, ], }, }, { product_name: "Desigo PXC200-E.D", version: { version_data: [ { version_value: "All versions >= V2.3 and < V6.30.016", }, ], }, }, { product_name: "Desigo PXC22-E.D", version: { version_data: [ { version_value: "All versions >= V2.3 and < V6.30.016", }, ], }, }, { product_name: "Desigo PXC22.1-E.D", version: { version_data: [ { version_value: "All versions >= V2.3 and < V6.30.016", }, ], }, }, { product_name: "Desigo PXC36.1-E.D", version: { version_data: [ { version_value: "All versions >= V2.3 and < V6.30.016", }, ], }, }, { product_name: "Desigo PXC50-E.D", version: { version_data: [ { version_value: "All versions >= V2.3 and < V6.30.016", }, ], }, }, { product_name: "Desigo PXC64-U", version: { version_data: [ { version_value: "All versions >= V2.3 and < V6.30.016", }, ], }, }, { product_name: "Desigo PXM20-E", version: { version_data: [ { version_value: "All versions >= V2.3 and < V6.30.016", }, ], }, }, { product_name: "Nucleus NET", version: { version_data: [ { version_value: "All versions", }, ], }, }, { product_name: "Nucleus ReadyStart V3", version: { version_data: [ { version_value: "All versions < V2017.02.4", }, ], }, }, { product_name: "Nucleus ReadyStart V4", version: { version_data: [ { version_value: "All versions < V4.1.1", }, ], }, }, { product_name: "Nucleus Source Code", version: { version_data: [ { version_value: "All versions", }, ], }, }, { product_name: "PLUSCONTROL 1st Gen", version: { version_data: [ { version_value: "All versions", }, ], }, }, { product_name: "TALON TC Compact (BACnet)", version: { version_data: [ { version_value: "All versions < V3.5.4", }, ], }, }, { product_name: "TALON TC Modular (BACnet)", version: { version_data: [ { version_value: "All versions < V3.5.4", }, ], }, }, ], }, vendor_name: "Siemens", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC) (P2 Ethernet) (All versions), APOGEE MEC (PPC) (BACnet) (All versions), APOGEE MEC (PPC) (P2 Ethernet) (All versions), APOGEE PXC Compact (BACnet) (All versions < V3.5.4), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.19), APOGEE PXC Modular (BACnet) (All versions < V3.5.4), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.19), Desigo PXC00-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC00-U (All versions >= V2.3 and < V6.30.016), Desigo PXC001-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC100-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC12-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC128-U (All versions >= V2.3 and < V6.30.016), Desigo PXC200-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC22-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC22.1-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC36.1-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC50-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC64-U (All versions >= V2.3 and < V6.30.016), Desigo PXM20-E (All versions >= V2.3 and < V6.30.016), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.4), Nucleus ReadyStart V4 (All versions < V4.1.1), Nucleus Source Code (All versions), PLUSCONTROL 1st Gen (All versions), TALON TC Compact (BACnet) (All versions < V3.5.4), TALON TC Modular (BACnet) (All versions < V3.5.4). TFTP server application allows for reading the contents of the TFTP memory buffer via sending malformed TFTP commands. (FSMD-2021-0009)", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-805: Buffer Access with Incorrect Length Value", }, ], }, ], }, references: { reference_data: [ { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-114589.pdf", refsource: "MISC", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-114589.pdf", }, { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf", refsource: "MISC", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf", }, { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-845392.pdf", refsource: "MISC", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-845392.pdf", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2021-31885", datePublished: "2021-11-09T11:31:58", dateReserved: "2021-04-29T00:00:00", dateUpdated: "2024-08-03T23:10:30.607Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-15795
Vulnerability from cvelistv5
Published
2021-04-22 20:42
Modified
2024-08-04 13:30
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in APOGEE PXC Compact (BACnet) (All versions < V3.5.5), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.20), APOGEE PXC Modular (BACnet) (All versions < V3.5.5), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.20), Nucleus NET (All versions < V5.2), Nucleus Source Code (Versions including affected DNS modules), TALON TC Compact (BACnet) (All versions < V3.5.5), TALON TC Modular (BACnet) (All versions < V3.5.5). The DNS domain name label parsing functionality does not properly validate the names in DNS-responses. The parsing of malformed responses could result in a write past the end of an allocated structure. An attacker with a privileged position in the network could leverage this vulnerability to execute code in the context of the current process or cause a denial-of-service condition.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | APOGEE PXC Compact (BACnet) |
Version: All versions < V3.5.5 |
||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T13:30:21.684Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-185699.pdf", }, { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-180579.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unknown", product: "APOGEE PXC Compact (BACnet)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.5.5", }, ], }, { defaultStatus: "unknown", product: "APOGEE PXC Compact (P2 Ethernet)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2.8.20", }, ], }, { defaultStatus: "unknown", product: "APOGEE PXC Modular (BACnet)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.5.5", }, ], }, { defaultStatus: "unknown", product: "APOGEE PXC Modular (P2 Ethernet)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2.8.20", }, ], }, { defaultStatus: "unknown", product: "Nucleus NET", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V5.2", }, ], }, { defaultStatus: "unknown", product: "Nucleus Source Code", vendor: "Siemens", versions: [ { status: "affected", version: "Versions including affected DNS modules", }, ], }, { defaultStatus: "unknown", product: "TALON TC Compact (BACnet)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.5.5", }, ], }, { defaultStatus: "unknown", product: "TALON TC Modular (BACnet)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.5.5", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in APOGEE PXC Compact (BACnet) (All versions < V3.5.5), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.20), APOGEE PXC Modular (BACnet) (All versions < V3.5.5), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.20), Nucleus NET (All versions < V5.2), Nucleus Source Code (Versions including affected DNS modules), TALON TC Compact (BACnet) (All versions < V3.5.5), TALON TC Modular (BACnet) (All versions < V3.5.5). The DNS domain name label parsing functionality does not properly validate the names in DNS-responses. The parsing of malformed responses could result in a write past the end of an allocated structure. An attacker with a privileged position in the network could leverage this vulnerability to execute code in the context of the current process or cause a denial-of-service condition.", }, ], metrics: [ { cvssV3_1: { baseScore: 8.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-787", description: "CWE-787: Out-of-bounds Write", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-08-08T09:20:01.115Z", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-185699.pdf", }, { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-180579.pdf", }, ], }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2020-15795", datePublished: "2021-04-22T20:42:19", dateReserved: "2020-07-15T00:00:00", dateUpdated: "2024-08-04T13:30:21.684Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-38371
Vulnerability from cvelistv5
Published
2022-10-11 00:00
Modified
2025-04-08 08:19
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
8.7 (High) - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
8.7 (High) - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
EPSS score ?
Summary
A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC) (P2 Ethernet) (All versions), APOGEE MEC (PPC) (BACnet) (All versions), APOGEE MEC (PPC) (P2 Ethernet) (All versions), APOGEE PXC Compact (BACnet) (All versions < V3.5.7), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.21), APOGEE PXC Modular (BACnet) (All versions < V3.5.7), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.21), Desigo PXC00-E.D (All versions >= V2.3 < V6.30.37), Desigo PXC00-U (All versions >= V2.3 < V6.30.37), Desigo PXC001-E.D (All versions >= V2.3 < V6.30.37), Desigo PXC100-E.D (All versions >= V2.3 < V6.30.37), Desigo PXC12-E.D (All versions >= V2.3 < V6.30.37), Desigo PXC128-U (All versions >= V2.3 < V6.30.37), Desigo PXC200-E.D (All versions >= V2.3 < V6.30.37), Desigo PXC22-E.D (All versions >= V2.3 < V6.30.37), Desigo PXC22.1-E.D (All versions >= V2.3 < V6.30.37), Desigo PXC36.1-E.D (All versions >= V2.3 < V6.30.37), Desigo PXC50-E.D (All versions >= V2.3 < V6.30.37), Desigo PXC64-U (All versions >= V2.3 < V6.30.37), Desigo PXM20-E (All versions >= V2.3 < V6.30.37), Nucleus NET for Nucleus PLUS V1 (All versions < V5.2a), Nucleus NET for Nucleus PLUS V2 (All versions < V5.4), Nucleus ReadyStart V3 V2012 (All versions < V2012.08.1), Nucleus ReadyStart V3 V2017 (All versions < V2017.02.4), Nucleus Source Code (All versions including affected FTP server), TALON TC Compact (BACnet) (All versions < V3.5.7), TALON TC Modular (BACnet) (All versions < V3.5.7). The FTP server does not properly release memory resources that were reserved for incomplete connection attempts by FTP clients. This could allow a remote attacker to generate a denial of service condition on devices that incorporate a vulnerable version of the FTP server.
References
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T10:54:03.448Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-313313.pdf", }, { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-935500.pdf", }, { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/html/ssa-935500.html", }, { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/html/ssa-313313.html", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2022-38371", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-08-07T18:15:00.675232Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-09-17T13:53:27.567Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unknown", product: "APOGEE MBC (PPC) (BACnet)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "APOGEE MBC (PPC) (P2 Ethernet)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "APOGEE MEC (PPC) (BACnet)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "APOGEE MEC (PPC) (P2 Ethernet)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "APOGEE PXC Compact (BACnet)", vendor: "Siemens", versions: [ { lessThan: "V3.5.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "APOGEE PXC Compact (P2 Ethernet)", vendor: "Siemens", versions: [ { lessThan: "V2.8.21", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "APOGEE PXC Modular (BACnet)", vendor: "Siemens", versions: [ { lessThan: "V3.5.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "APOGEE PXC Modular (P2 Ethernet)", vendor: "Siemens", versions: [ { lessThan: "V2.8.21", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "Desigo PXC00-E.D", vendor: "Siemens", versions: [ { lessThan: "V6.30.37", status: "affected", version: "V2.3", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "Desigo PXC00-U", vendor: "Siemens", versions: [ { lessThan: "V6.30.37", status: "affected", version: "V2.3", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "Desigo PXC001-E.D", vendor: "Siemens", versions: [ { lessThan: "V6.30.37", status: "affected", version: "V2.3", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "Desigo PXC100-E.D", vendor: "Siemens", versions: [ { lessThan: "V6.30.37", status: "affected", version: "V2.3", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "Desigo PXC12-E.D", vendor: "Siemens", versions: [ { lessThan: "V6.30.37", status: "affected", version: "V2.3", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "Desigo PXC128-U", vendor: "Siemens", versions: [ { lessThan: "V6.30.37", status: "affected", version: "V2.3", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "Desigo PXC200-E.D", vendor: "Siemens", versions: [ { lessThan: "V6.30.37", status: "affected", version: "V2.3", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "Desigo PXC22-E.D", vendor: "Siemens", versions: [ { lessThan: "V6.30.37", status: "affected", version: "V2.3", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "Desigo PXC22.1-E.D", vendor: "Siemens", versions: [ { lessThan: "V6.30.37", status: "affected", version: "V2.3", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "Desigo PXC36.1-E.D", vendor: "Siemens", versions: [ { lessThan: "V6.30.37", status: "affected", version: "V2.3", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "Desigo PXC50-E.D", vendor: "Siemens", versions: [ { lessThan: "V6.30.37", status: "affected", version: "V2.3", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "Desigo PXC64-U", vendor: "Siemens", versions: [ { lessThan: "V6.30.37", status: "affected", version: "V2.3", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "Desigo PXM20-E", vendor: "Siemens", versions: [ { lessThan: "V6.30.37", status: "affected", version: "V2.3", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "Nucleus NET for Nucleus PLUS V1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V5.2a", }, ], }, { defaultStatus: "unknown", product: "Nucleus NET for Nucleus PLUS V2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V5.4", }, ], }, { defaultStatus: "unknown", product: "Nucleus ReadyStart V3 V2012", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2012.08.1", }, ], }, { defaultStatus: "unknown", product: "Nucleus ReadyStart V3 V2017", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2017.02.4", }, ], }, { defaultStatus: "unknown", product: "Nucleus Source Code", vendor: "Siemens", versions: [ { lessThan: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "TALON TC Compact (BACnet)", vendor: "Siemens", versions: [ { lessThan: "V3.5.7", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "TALON TC Modular (BACnet)", vendor: "Siemens", versions: [ { lessThan: "V3.5.7", status: "affected", version: "0", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC) (P2 Ethernet) (All versions), APOGEE MEC (PPC) (BACnet) (All versions), APOGEE MEC (PPC) (P2 Ethernet) (All versions), APOGEE PXC Compact (BACnet) (All versions < V3.5.7), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.21), APOGEE PXC Modular (BACnet) (All versions < V3.5.7), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.21), Desigo PXC00-E.D (All versions >= V2.3 < V6.30.37), Desigo PXC00-U (All versions >= V2.3 < V6.30.37), Desigo PXC001-E.D (All versions >= V2.3 < V6.30.37), Desigo PXC100-E.D (All versions >= V2.3 < V6.30.37), Desigo PXC12-E.D (All versions >= V2.3 < V6.30.37), Desigo PXC128-U (All versions >= V2.3 < V6.30.37), Desigo PXC200-E.D (All versions >= V2.3 < V6.30.37), Desigo PXC22-E.D (All versions >= V2.3 < V6.30.37), Desigo PXC22.1-E.D (All versions >= V2.3 < V6.30.37), Desigo PXC36.1-E.D (All versions >= V2.3 < V6.30.37), Desigo PXC50-E.D (All versions >= V2.3 < V6.30.37), Desigo PXC64-U (All versions >= V2.3 < V6.30.37), Desigo PXM20-E (All versions >= V2.3 < V6.30.37), Nucleus NET for Nucleus PLUS V1 (All versions < V5.2a), Nucleus NET for Nucleus PLUS V2 (All versions < V5.4), Nucleus ReadyStart V3 V2012 (All versions < V2012.08.1), Nucleus ReadyStart V3 V2017 (All versions < V2017.02.4), Nucleus Source Code (All versions including affected FTP server), TALON TC Compact (BACnet) (All versions < V3.5.7), TALON TC Modular (BACnet) (All versions < V3.5.7). The FTP server does not properly release memory resources that were reserved for incomplete connection attempts by FTP clients. This could allow a remote attacker to generate a denial of service condition on devices that incorporate a vulnerable version of the FTP server.", }, ], metrics: [ { cvssV3_1: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, { cvssV4_0: { baseScore: 8.7, baseSeverity: "HIGH", vectorString: "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N", version: "4.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-400", description: "CWE-400: Uncontrolled Resource Consumption", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-04-08T08:19:38.399Z", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-313313.pdf", }, { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-935500.pdf", }, { url: "https://cert-portal.siemens.com/productcert/html/ssa-935500.html", }, { url: "https://cert-portal.siemens.com/productcert/html/ssa-313313.html", }, ], }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2022-38371", datePublished: "2022-10-11T00:00:00", dateReserved: "2022-08-16T00:00:00", dateUpdated: "2025-04-08T08:19:38.399Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-31884
Vulnerability from cvelistv5
Published
2021-11-09 11:31
Modified
2024-08-03 23:10
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC) (P2 Ethernet) (All versions), APOGEE MEC (PPC) (BACnet) (All versions), APOGEE MEC (PPC) (P2 Ethernet) (All versions), APOGEE PXC Compact (BACnet) (All versions < V3.5.4), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.19), APOGEE PXC Modular (BACnet) (All versions < V3.5.4), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.19), Capital VSTAR (All versions with enabled Ethernet options), Desigo PXC00-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC00-U (All versions >= V2.3 and < V6.30.016), Desigo PXC001-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC100-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC12-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC128-U (All versions >= V2.3 and < V6.30.016), Desigo PXC200-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC22-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC22.1-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC36.1-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC50-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC64-U (All versions >= V2.3 and < V6.30.016), Desigo PXM20-E (All versions >= V2.3 and < V6.30.016), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.4), Nucleus Source Code (All versions), TALON TC Compact (BACnet) (All versions < V3.5.4), TALON TC Modular (BACnet) (All versions < V3.5.4). The DHCP client application assumes that the data supplied with the “Hostname” DHCP option is NULL terminated. In cases when global hostname variable is not defined, this may lead to Out-of-bound reads, writes, and Denial-of-service conditions. (FSMD-2021-0014)
References
| ▼ | URL | Tags |
|---|---|---|
| https://cert-portal.siemens.com/productcert/pdf/ssa-114589.pdf | x_refsource_MISC | |
| https://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf | x_refsource_MISC | |
| https://cert-portal.siemens.com/productcert/pdf/ssa-620288.pdf | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | APOGEE MBC (PPC) (BACnet) |
Version: All versions |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T23:10:30.775Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-114589.pdf", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-620288.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "APOGEE MBC (PPC) (BACnet)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { product: "APOGEE MBC (PPC) (P2 Ethernet)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { product: "APOGEE MEC (PPC) (BACnet)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { product: "APOGEE MEC (PPC) (P2 Ethernet)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { product: "APOGEE PXC Compact (BACnet)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.5.4", }, ], }, { product: "APOGEE PXC Compact (P2 Ethernet)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2.8.19", }, ], }, { product: "APOGEE PXC Modular (BACnet)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.5.4", }, ], }, { product: "APOGEE PXC Modular (P2 Ethernet)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2.8.19", }, ], }, { product: "Capital VSTAR", vendor: "Siemens", versions: [ { status: "affected", version: "All versions with enabled Ethernet options", }, ], }, { product: "Desigo PXC00-E.D", vendor: "Siemens", versions: [ { status: "affected", version: "All versions >= V2.3 and < V6.30.016", }, ], }, { product: "Desigo PXC00-U", vendor: "Siemens", versions: [ { status: "affected", version: "All versions >= V2.3 and < V6.30.016", }, ], }, { product: "Desigo PXC001-E.D", vendor: "Siemens", versions: [ { status: "affected", version: "All versions >= V2.3 and < V6.30.016", }, ], }, { product: "Desigo PXC100-E.D", vendor: "Siemens", versions: [ { status: "affected", version: "All versions >= V2.3 and < V6.30.016", }, ], }, { product: "Desigo PXC12-E.D", vendor: "Siemens", versions: [ { status: "affected", version: "All versions >= V2.3 and < V6.30.016", }, ], }, { product: "Desigo PXC128-U", vendor: "Siemens", versions: [ { status: "affected", version: "All versions >= V2.3 and < V6.30.016", }, ], }, { product: "Desigo PXC200-E.D", vendor: "Siemens", versions: [ { status: "affected", version: "All versions >= V2.3 and < V6.30.016", }, ], }, { product: "Desigo PXC22-E.D", vendor: "Siemens", versions: [ { status: "affected", version: "All versions >= V2.3 and < V6.30.016", }, ], }, { product: "Desigo PXC22.1-E.D", vendor: "Siemens", versions: [ { status: "affected", version: "All versions >= V2.3 and < V6.30.016", }, ], }, { product: "Desigo PXC36.1-E.D", vendor: "Siemens", versions: [ { status: "affected", version: "All versions >= V2.3 and < V6.30.016", }, ], }, { product: "Desigo PXC50-E.D", vendor: "Siemens", versions: [ { status: "affected", version: "All versions >= V2.3 and < V6.30.016", }, ], }, { product: "Desigo PXC64-U", vendor: "Siemens", versions: [ { status: "affected", version: "All versions >= V2.3 and < V6.30.016", }, ], }, { product: "Desigo PXM20-E", vendor: "Siemens", versions: [ { status: "affected", version: "All versions >= V2.3 and < V6.30.016", }, ], }, { product: "Nucleus NET", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { product: "Nucleus ReadyStart V3", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2017.02.4", }, ], }, { product: "Nucleus Source Code", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { product: "TALON TC Compact (BACnet)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.5.4", }, ], }, { product: "TALON TC Modular (BACnet)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.5.4", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC) (P2 Ethernet) (All versions), APOGEE MEC (PPC) (BACnet) (All versions), APOGEE MEC (PPC) (P2 Ethernet) (All versions), APOGEE PXC Compact (BACnet) (All versions < V3.5.4), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.19), APOGEE PXC Modular (BACnet) (All versions < V3.5.4), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.19), Capital VSTAR (All versions with enabled Ethernet options), Desigo PXC00-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC00-U (All versions >= V2.3 and < V6.30.016), Desigo PXC001-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC100-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC12-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC128-U (All versions >= V2.3 and < V6.30.016), Desigo PXC200-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC22-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC22.1-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC36.1-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC50-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC64-U (All versions >= V2.3 and < V6.30.016), Desigo PXM20-E (All versions >= V2.3 and < V6.30.016), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.4), Nucleus Source Code (All versions), TALON TC Compact (BACnet) (All versions < V3.5.4), TALON TC Modular (BACnet) (All versions < V3.5.4). The DHCP client application assumes that the data supplied with the “Hostname” DHCP option is NULL terminated. In cases when global hostname variable is not defined, this may lead to Out-of-bound reads, writes, and Denial-of-service conditions. (FSMD-2021-0014)", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-170", description: "CWE-170: Improper Null Termination", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-05-10T09:46:33", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-114589.pdf", }, { tags: [ "x_refsource_MISC", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf", }, { tags: [ "x_refsource_MISC", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-620288.pdf", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "productcert@siemens.com", ID: "CVE-2021-31884", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "APOGEE MBC (PPC) (BACnet)", version: { version_data: [ { version_value: "All versions", }, ], }, }, { product_name: "APOGEE MBC (PPC) (P2 Ethernet)", version: { version_data: [ { version_value: "All versions", }, ], }, }, { product_name: "APOGEE MEC (PPC) (BACnet)", version: { version_data: [ { version_value: "All versions", }, ], }, }, { product_name: "APOGEE MEC (PPC) (P2 Ethernet)", version: { version_data: [ { version_value: "All versions", }, ], }, }, { product_name: "APOGEE PXC Compact (BACnet)", version: { version_data: [ { version_value: "All versions < V3.5.4", }, ], }, }, { product_name: "APOGEE PXC Compact (P2 Ethernet)", version: { version_data: [ { version_value: "All versions < V2.8.19", }, ], }, }, { product_name: "APOGEE PXC Modular (BACnet)", version: { version_data: [ { version_value: "All versions < V3.5.4", }, ], }, }, { product_name: "APOGEE PXC Modular (P2 Ethernet)", version: { version_data: [ { version_value: "All versions < V2.8.19", }, ], }, }, { product_name: "Capital VSTAR", version: { version_data: [ { version_value: "All versions with enabled Ethernet options", }, ], }, }, { product_name: "Desigo PXC00-E.D", version: { version_data: [ { version_value: "All versions >= V2.3 and < V6.30.016", }, ], }, }, { product_name: "Desigo PXC00-U", version: { version_data: [ { version_value: "All versions >= V2.3 and < V6.30.016", }, ], }, }, { product_name: "Desigo PXC001-E.D", version: { version_data: [ { version_value: "All versions >= V2.3 and < V6.30.016", }, ], }, }, { product_name: "Desigo PXC100-E.D", version: { version_data: [ { version_value: "All versions >= V2.3 and < V6.30.016", }, ], }, }, { product_name: "Desigo PXC12-E.D", version: { version_data: [ { version_value: "All versions >= V2.3 and < V6.30.016", }, ], }, }, { product_name: "Desigo PXC128-U", version: { version_data: [ { version_value: "All versions >= V2.3 and < V6.30.016", }, ], }, }, { product_name: "Desigo PXC200-E.D", version: { version_data: [ { version_value: "All versions >= V2.3 and < V6.30.016", }, ], }, }, { product_name: "Desigo PXC22-E.D", version: { version_data: [ { version_value: "All versions >= V2.3 and < V6.30.016", }, ], }, }, { product_name: "Desigo PXC22.1-E.D", version: { version_data: [ { version_value: "All versions >= V2.3 and < V6.30.016", }, ], }, }, { product_name: "Desigo PXC36.1-E.D", version: { version_data: [ { version_value: "All versions >= V2.3 and < V6.30.016", }, ], }, }, { product_name: "Desigo PXC50-E.D", version: { version_data: [ { version_value: "All versions >= V2.3 and < V6.30.016", }, ], }, }, { product_name: "Desigo PXC64-U", version: { version_data: [ { version_value: "All versions >= V2.3 and < V6.30.016", }, ], }, }, { product_name: "Desigo PXM20-E", version: { version_data: [ { version_value: "All versions >= V2.3 and < V6.30.016", }, ], }, }, { product_name: "Nucleus NET", version: { version_data: [ { version_value: "All versions", }, ], }, }, { product_name: "Nucleus ReadyStart V3", version: { version_data: [ { version_value: "All versions < V2017.02.4", }, ], }, }, { product_name: "Nucleus Source Code", version: { version_data: [ { version_value: "All versions", }, ], }, }, { product_name: "TALON TC Compact (BACnet)", version: { version_data: [ { version_value: "All versions < V3.5.4", }, ], }, }, { product_name: "TALON TC Modular (BACnet)", version: { version_data: [ { version_value: "All versions < V3.5.4", }, ], }, }, ], }, vendor_name: "Siemens", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC) (P2 Ethernet) (All versions), APOGEE MEC (PPC) (BACnet) (All versions), APOGEE MEC (PPC) (P2 Ethernet) (All versions), APOGEE PXC Compact (BACnet) (All versions < V3.5.4), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.19), APOGEE PXC Modular (BACnet) (All versions < V3.5.4), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.19), Capital VSTAR (All versions with enabled Ethernet options), Desigo PXC00-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC00-U (All versions >= V2.3 and < V6.30.016), Desigo PXC001-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC100-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC12-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC128-U (All versions >= V2.3 and < V6.30.016), Desigo PXC200-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC22-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC22.1-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC36.1-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC50-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC64-U (All versions >= V2.3 and < V6.30.016), Desigo PXM20-E (All versions >= V2.3 and < V6.30.016), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.4), Nucleus Source Code (All versions), TALON TC Compact (BACnet) (All versions < V3.5.4), TALON TC Modular (BACnet) (All versions < V3.5.4). The DHCP client application assumes that the data supplied with the “Hostname” DHCP option is NULL terminated. In cases when global hostname variable is not defined, this may lead to Out-of-bound reads, writes, and Denial-of-service conditions. (FSMD-2021-0014)", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-170: Improper Null Termination", }, ], }, ], }, references: { reference_data: [ { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-114589.pdf", refsource: "MISC", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-114589.pdf", }, { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf", refsource: "MISC", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf", }, { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-620288.pdf", refsource: "MISC", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-620288.pdf", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2021-31884", datePublished: "2021-11-09T11:31:57", dateReserved: "2021-04-29T00:00:00", dateUpdated: "2024-08-03T23:10:30.775Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-27738
Vulnerability from cvelistv5
Published
2021-04-22 20:42
Modified
2024-08-04 16:18
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in APOGEE PXC Compact (BACnet) (All versions < V3.5.5), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.20), APOGEE PXC Modular (BACnet) (All versions < V3.5.5), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.20), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.3), Nucleus ReadyStart V4 (All versions < V4.1.0), Nucleus Source Code (Versions including affected DNS modules), SIMOTICS CONNECT 400 (All versions < V0.5.0.0), TALON TC Compact (BACnet) (All versions < V3.5.5), TALON TC Modular (BACnet) (All versions < V3.5.5). The DNS domain name record decompression functionality does not properly validate the pointer offset values. The parsing of malformed responses could result in a read access past the end of an allocated structure. An attacker with a privileged position in the network could leverage this vulnerability to cause a denial-of-service condition.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | APOGEE PXC Compact (BACnet) |
Version: All versions < V3.5.5 |
|||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T16:18:45.774Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-705111.pdf", }, { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-669158.pdf", }, { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-180579.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unknown", product: "APOGEE PXC Compact (BACnet)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.5.5", }, ], }, { defaultStatus: "unknown", product: "APOGEE PXC Compact (P2 Ethernet)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2.8.20", }, ], }, { defaultStatus: "unknown", product: "APOGEE PXC Modular (BACnet)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.5.5", }, ], }, { defaultStatus: "unknown", product: "APOGEE PXC Modular (P2 Ethernet)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2.8.20", }, ], }, { defaultStatus: "unknown", product: "Nucleus NET", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "Nucleus ReadyStart V3", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2017.02.3", }, ], }, { defaultStatus: "unknown", product: "Nucleus ReadyStart V4", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.0", }, ], }, { defaultStatus: "unknown", product: "Nucleus Source Code", vendor: "Siemens", versions: [ { status: "affected", version: "Versions including affected DNS modules", }, ], }, { defaultStatus: "unknown", product: "SIMOTICS CONNECT 400", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V0.5.0.0", }, ], }, { defaultStatus: "unknown", product: "TALON TC Compact (BACnet)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.5.5", }, ], }, { defaultStatus: "unknown", product: "TALON TC Modular (BACnet)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.5.5", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in APOGEE PXC Compact (BACnet) (All versions < V3.5.5), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.20), APOGEE PXC Modular (BACnet) (All versions < V3.5.5), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.20), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.3), Nucleus ReadyStart V4 (All versions < V4.1.0), Nucleus Source Code (Versions including affected DNS modules), SIMOTICS CONNECT 400 (All versions < V0.5.0.0), TALON TC Compact (BACnet) (All versions < V3.5.5), TALON TC Modular (BACnet) (All versions < V3.5.5). The DNS domain name record decompression functionality does not properly validate the pointer offset values. The parsing of malformed responses could result in a read access past the end of an allocated structure. An attacker with a privileged position in the network could leverage this vulnerability to cause a denial-of-service condition.", }, ], metrics: [ { cvssV3_1: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-788", description: "CWE-788: Access of Memory Location After End of Buffer", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-08-08T09:20:05.489Z", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-705111.pdf", }, { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-669158.pdf", }, { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-180579.pdf", }, ], }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2020-27738", datePublished: "2021-04-22T20:42:20", dateReserved: "2020-10-26T00:00:00", dateUpdated: "2024-08-04T16:18:45.774Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-31888
Vulnerability from cvelistv5
Published
2021-11-09 11:32
Modified
2024-08-03 23:10
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC) (P2 Ethernet) (All versions), APOGEE MEC (PPC) (BACnet) (All versions), APOGEE MEC (PPC) (P2 Ethernet) (All versions), APOGEE PXC Compact (BACnet) (All versions < V3.5.4), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.19), APOGEE PXC Modular (BACnet) (All versions < V3.5.4), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.19), Desigo PXC00-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC00-U (All versions >= V2.3 and < V6.30.016), Desigo PXC001-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC100-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC12-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC128-U (All versions >= V2.3 and < V6.30.016), Desigo PXC200-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC22-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC22.1-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC36.1-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC50-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC64-U (All versions >= V2.3 and < V6.30.016), Desigo PXM20-E (All versions >= V2.3 and < V6.30.016), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.4), Nucleus Source Code (All versions), TALON TC Compact (BACnet) (All versions < V3.5.4), TALON TC Modular (BACnet) (All versions < V3.5.4). FTP server does not properly validate the length of the “MKD/XMKD” command, leading to stack-based buffer overflows. This may result in Denial-of-Service conditions and Remote Code Execution. (FSMD-2021-0018)
References
| ▼ | URL | Tags |
|---|---|---|
| https://cert-portal.siemens.com/productcert/pdf/ssa-114589.pdf | x_refsource_MISC | |
| https://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | APOGEE MBC (PPC) (BACnet) |
Version: All versions |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T23:10:30.804Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-114589.pdf", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "APOGEE MBC (PPC) (BACnet)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { product: "APOGEE MBC (PPC) (P2 Ethernet)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { product: "APOGEE MEC (PPC) (BACnet)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { product: "APOGEE MEC (PPC) (P2 Ethernet)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { product: "APOGEE PXC Compact (BACnet)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.5.4", }, ], }, { product: "APOGEE PXC Compact (P2 Ethernet)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2.8.19", }, ], }, { product: "APOGEE PXC Modular (BACnet)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.5.4", }, ], }, { product: "APOGEE PXC Modular (P2 Ethernet)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2.8.19", }, ], }, { product: "Desigo PXC00-E.D", vendor: "Siemens", versions: [ { status: "affected", version: "All versions >= V2.3 and < V6.30.016", }, ], }, { product: "Desigo PXC00-U", vendor: "Siemens", versions: [ { status: "affected", version: "All versions >= V2.3 and < V6.30.016", }, ], }, { product: "Desigo PXC001-E.D", vendor: "Siemens", versions: [ { status: "affected", version: "All versions >= V2.3 and < V6.30.016", }, ], }, { product: "Desigo PXC100-E.D", vendor: "Siemens", versions: [ { status: "affected", version: "All versions >= V2.3 and < V6.30.016", }, ], }, { product: "Desigo PXC12-E.D", vendor: "Siemens", versions: [ { status: "affected", version: "All versions >= V2.3 and < V6.30.016", }, ], }, { product: "Desigo PXC128-U", vendor: "Siemens", versions: [ { status: "affected", version: "All versions >= V2.3 and < V6.30.016", }, ], }, { product: "Desigo PXC200-E.D", vendor: "Siemens", versions: [ { status: "affected", version: "All versions >= V2.3 and < V6.30.016", }, ], }, { product: "Desigo PXC22-E.D", vendor: "Siemens", versions: [ { status: "affected", version: "All versions >= V2.3 and < V6.30.016", }, ], }, { product: "Desigo PXC22.1-E.D", vendor: "Siemens", versions: [ { status: "affected", version: "All versions >= V2.3 and < V6.30.016", }, ], }, { product: "Desigo PXC36.1-E.D", vendor: "Siemens", versions: [ { status: "affected", version: "All versions >= V2.3 and < V6.30.016", }, ], }, { product: "Desigo PXC50-E.D", vendor: "Siemens", versions: [ { status: "affected", version: "All versions >= V2.3 and < V6.30.016", }, ], }, { product: "Desigo PXC64-U", vendor: "Siemens", versions: [ { status: "affected", version: "All versions >= V2.3 and < V6.30.016", }, ], }, { product: "Desigo PXM20-E", vendor: "Siemens", versions: [ { status: "affected", version: "All versions >= V2.3 and < V6.30.016", }, ], }, { product: "Nucleus NET", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { product: "Nucleus ReadyStart V3", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2017.02.4", }, ], }, { product: "Nucleus Source Code", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { product: "TALON TC Compact (BACnet)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.5.4", }, ], }, { product: "TALON TC Modular (BACnet)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.5.4", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC) (P2 Ethernet) (All versions), APOGEE MEC (PPC) (BACnet) (All versions), APOGEE MEC (PPC) (P2 Ethernet) (All versions), APOGEE PXC Compact (BACnet) (All versions < V3.5.4), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.19), APOGEE PXC Modular (BACnet) (All versions < V3.5.4), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.19), Desigo PXC00-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC00-U (All versions >= V2.3 and < V6.30.016), Desigo PXC001-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC100-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC12-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC128-U (All versions >= V2.3 and < V6.30.016), Desigo PXC200-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC22-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC22.1-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC36.1-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC50-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC64-U (All versions >= V2.3 and < V6.30.016), Desigo PXM20-E (All versions >= V2.3 and < V6.30.016), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.4), Nucleus Source Code (All versions), TALON TC Compact (BACnet) (All versions < V3.5.4), TALON TC Modular (BACnet) (All versions < V3.5.4). FTP server does not properly validate the length of the “MKD/XMKD” command, leading to stack-based buffer overflows. This may result in Denial-of-Service conditions and Remote Code Execution. (FSMD-2021-0018)", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-170", description: "CWE-170: Improper Null Termination", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-05-10T09:46:37", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-114589.pdf", }, { tags: [ "x_refsource_MISC", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "productcert@siemens.com", ID: "CVE-2021-31888", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "APOGEE MBC (PPC) (BACnet)", version: { version_data: [ { version_value: "All versions", }, ], }, }, { product_name: "APOGEE MBC (PPC) (P2 Ethernet)", version: { version_data: [ { version_value: "All versions", }, ], }, }, { product_name: "APOGEE MEC (PPC) (BACnet)", version: { version_data: [ { version_value: "All versions", }, ], }, }, { product_name: "APOGEE MEC (PPC) (P2 Ethernet)", version: { version_data: [ { version_value: "All versions", }, ], }, }, { product_name: "APOGEE PXC Compact (BACnet)", version: { version_data: [ { version_value: "All versions < V3.5.4", }, ], }, }, { product_name: "APOGEE PXC Compact (P2 Ethernet)", version: { version_data: [ { version_value: "All versions < V2.8.19", }, ], }, }, { product_name: "APOGEE PXC Modular (BACnet)", version: { version_data: [ { version_value: "All versions < V3.5.4", }, ], }, }, { product_name: "APOGEE PXC Modular (P2 Ethernet)", version: { version_data: [ { version_value: "All versions < V2.8.19", }, ], }, }, { product_name: "Desigo PXC00-E.D", version: { version_data: [ { version_value: "All versions >= V2.3 and < V6.30.016", }, ], }, }, { product_name: "Desigo PXC00-U", version: { version_data: [ { version_value: "All versions >= V2.3 and < V6.30.016", }, ], }, }, { product_name: "Desigo PXC001-E.D", version: { version_data: [ { version_value: "All versions >= V2.3 and < V6.30.016", }, ], }, }, { product_name: "Desigo PXC100-E.D", version: { version_data: [ { version_value: "All versions >= V2.3 and < V6.30.016", }, ], }, }, { product_name: "Desigo PXC12-E.D", version: { version_data: [ { version_value: "All versions >= V2.3 and < V6.30.016", }, ], }, }, { product_name: "Desigo PXC128-U", version: { version_data: [ { version_value: "All versions >= V2.3 and < V6.30.016", }, ], }, }, { product_name: "Desigo PXC200-E.D", version: { version_data: [ { version_value: "All versions >= V2.3 and < V6.30.016", }, ], }, }, { product_name: "Desigo PXC22-E.D", version: { version_data: [ { version_value: "All versions >= V2.3 and < V6.30.016", }, ], }, }, { product_name: "Desigo PXC22.1-E.D", version: { version_data: [ { version_value: "All versions >= V2.3 and < V6.30.016", }, ], }, }, { product_name: "Desigo PXC36.1-E.D", version: { version_data: [ { version_value: "All versions >= V2.3 and < V6.30.016", }, ], }, }, { product_name: "Desigo PXC50-E.D", version: { version_data: [ { version_value: "All versions >= V2.3 and < V6.30.016", }, ], }, }, { product_name: "Desigo PXC64-U", version: { version_data: [ { version_value: "All versions >= V2.3 and < V6.30.016", }, ], }, }, { product_name: "Desigo PXM20-E", version: { version_data: [ { version_value: "All versions >= V2.3 and < V6.30.016", }, ], }, }, { product_name: "Nucleus NET", version: { version_data: [ { version_value: "All versions", }, ], }, }, { product_name: "Nucleus ReadyStart V3", version: { version_data: [ { version_value: "All versions < V2017.02.4", }, ], }, }, { product_name: "Nucleus Source Code", version: { version_data: [ { version_value: "All versions", }, ], }, }, { product_name: "TALON TC Compact (BACnet)", version: { version_data: [ { version_value: "All versions < V3.5.4", }, ], }, }, { product_name: "TALON TC Modular (BACnet)", version: { version_data: [ { version_value: "All versions < V3.5.4", }, ], }, }, ], }, vendor_name: "Siemens", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC) (P2 Ethernet) (All versions), APOGEE MEC (PPC) (BACnet) (All versions), APOGEE MEC (PPC) (P2 Ethernet) (All versions), APOGEE PXC Compact (BACnet) (All versions < V3.5.4), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.19), APOGEE PXC Modular (BACnet) (All versions < V3.5.4), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.19), Desigo PXC00-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC00-U (All versions >= V2.3 and < V6.30.016), Desigo PXC001-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC100-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC12-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC128-U (All versions >= V2.3 and < V6.30.016), Desigo PXC200-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC22-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC22.1-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC36.1-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC50-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC64-U (All versions >= V2.3 and < V6.30.016), Desigo PXM20-E (All versions >= V2.3 and < V6.30.016), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.4), Nucleus Source Code (All versions), TALON TC Compact (BACnet) (All versions < V3.5.4), TALON TC Modular (BACnet) (All versions < V3.5.4). FTP server does not properly validate the length of the “MKD/XMKD” command, leading to stack-based buffer overflows. This may result in Denial-of-Service conditions and Remote Code Execution. (FSMD-2021-0018)", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-170: Improper Null Termination", }, ], }, ], }, references: { reference_data: [ { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-114589.pdf", refsource: "MISC", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-114589.pdf", }, { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf", refsource: "MISC", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2021-31888", datePublished: "2021-11-09T11:32:00", dateReserved: "2021-04-29T00:00:00", dateUpdated: "2024-08-03T23:10:30.804Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-31887
Vulnerability from cvelistv5
Published
2021-11-09 11:32
Modified
2024-08-03 23:10
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC) (P2 Ethernet) (All versions), APOGEE MEC (PPC) (BACnet) (All versions), APOGEE MEC (PPC) (P2 Ethernet) (All versions), APOGEE PXC Compact (BACnet) (All versions < V3.5.4), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.19), APOGEE PXC Modular (BACnet) (All versions < V3.5.4), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.19), Desigo PXC00-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC00-U (All versions >= V2.3 and < V6.30.016), Desigo PXC001-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC100-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC12-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC128-U (All versions >= V2.3 and < V6.30.016), Desigo PXC200-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC22-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC22.1-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC36.1-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC50-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC64-U (All versions >= V2.3 and < V6.30.016), Desigo PXM20-E (All versions >= V2.3 and < V6.30.016), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.4), Nucleus Source Code (All versions), TALON TC Compact (BACnet) (All versions < V3.5.4), TALON TC Modular (BACnet) (All versions < V3.5.4). FTP server does not properly validate the length of the “PWD/XPWD” command, leading to stack-based buffer overflows. This may result in Denial-of-Service conditions and Remote Code Execution. (FSMD-2021-0016)
References
| ▼ | URL | Tags |
|---|---|---|
| https://cert-portal.siemens.com/productcert/pdf/ssa-114589.pdf | x_refsource_MISC | |
| https://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | APOGEE MBC (PPC) (BACnet) |
Version: All versions |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T23:10:30.650Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-114589.pdf", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "APOGEE MBC (PPC) (BACnet)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { product: "APOGEE MBC (PPC) (P2 Ethernet)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { product: "APOGEE MEC (PPC) (BACnet)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { product: "APOGEE MEC (PPC) (P2 Ethernet)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { product: "APOGEE PXC Compact (BACnet)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.5.4", }, ], }, { product: "APOGEE PXC Compact (P2 Ethernet)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2.8.19", }, ], }, { product: "APOGEE PXC Modular (BACnet)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.5.4", }, ], }, { product: "APOGEE PXC Modular (P2 Ethernet)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2.8.19", }, ], }, { product: "Desigo PXC00-E.D", vendor: "Siemens", versions: [ { status: "affected", version: "All versions >= V2.3 and < V6.30.016", }, ], }, { product: "Desigo PXC00-U", vendor: "Siemens", versions: [ { status: "affected", version: "All versions >= V2.3 and < V6.30.016", }, ], }, { product: "Desigo PXC001-E.D", vendor: "Siemens", versions: [ { status: "affected", version: "All versions >= V2.3 and < V6.30.016", }, ], }, { product: "Desigo PXC100-E.D", vendor: "Siemens", versions: [ { status: "affected", version: "All versions >= V2.3 and < V6.30.016", }, ], }, { product: "Desigo PXC12-E.D", vendor: "Siemens", versions: [ { status: "affected", version: "All versions >= V2.3 and < V6.30.016", }, ], }, { product: "Desigo PXC128-U", vendor: "Siemens", versions: [ { status: "affected", version: "All versions >= V2.3 and < V6.30.016", }, ], }, { product: "Desigo PXC200-E.D", vendor: "Siemens", versions: [ { status: "affected", version: "All versions >= V2.3 and < V6.30.016", }, ], }, { product: "Desigo PXC22-E.D", vendor: "Siemens", versions: [ { status: "affected", version: "All versions >= V2.3 and < V6.30.016", }, ], }, { product: "Desigo PXC22.1-E.D", vendor: "Siemens", versions: [ { status: "affected", version: "All versions >= V2.3 and < V6.30.016", }, ], }, { product: "Desigo PXC36.1-E.D", vendor: "Siemens", versions: [ { status: "affected", version: "All versions >= V2.3 and < V6.30.016", }, ], }, { product: "Desigo PXC50-E.D", vendor: "Siemens", versions: [ { status: "affected", version: "All versions >= V2.3 and < V6.30.016", }, ], }, { product: "Desigo PXC64-U", vendor: "Siemens", versions: [ { status: "affected", version: "All versions >= V2.3 and < V6.30.016", }, ], }, { product: "Desigo PXM20-E", vendor: "Siemens", versions: [ { status: "affected", version: "All versions >= V2.3 and < V6.30.016", }, ], }, { product: "Nucleus NET", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { product: "Nucleus ReadyStart V3", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2017.02.4", }, ], }, { product: "Nucleus Source Code", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { product: "TALON TC Compact (BACnet)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.5.4", }, ], }, { product: "TALON TC Modular (BACnet)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.5.4", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC) (P2 Ethernet) (All versions), APOGEE MEC (PPC) (BACnet) (All versions), APOGEE MEC (PPC) (P2 Ethernet) (All versions), APOGEE PXC Compact (BACnet) (All versions < V3.5.4), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.19), APOGEE PXC Modular (BACnet) (All versions < V3.5.4), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.19), Desigo PXC00-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC00-U (All versions >= V2.3 and < V6.30.016), Desigo PXC001-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC100-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC12-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC128-U (All versions >= V2.3 and < V6.30.016), Desigo PXC200-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC22-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC22.1-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC36.1-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC50-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC64-U (All versions >= V2.3 and < V6.30.016), Desigo PXM20-E (All versions >= V2.3 and < V6.30.016), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.4), Nucleus Source Code (All versions), TALON TC Compact (BACnet) (All versions < V3.5.4), TALON TC Modular (BACnet) (All versions < V3.5.4). FTP server does not properly validate the length of the “PWD/XPWD” command, leading to stack-based buffer overflows. This may result in Denial-of-Service conditions and Remote Code Execution. (FSMD-2021-0016)", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-170", description: "CWE-170: Improper Null Termination", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-05-10T09:46:36", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-114589.pdf", }, { tags: [ "x_refsource_MISC", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "productcert@siemens.com", ID: "CVE-2021-31887", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "APOGEE MBC (PPC) (BACnet)", version: { version_data: [ { version_value: "All versions", }, ], }, }, { product_name: "APOGEE MBC (PPC) (P2 Ethernet)", version: { version_data: [ { version_value: "All versions", }, ], }, }, { product_name: "APOGEE MEC (PPC) (BACnet)", version: { version_data: [ { version_value: "All versions", }, ], }, }, { product_name: "APOGEE MEC (PPC) (P2 Ethernet)", version: { version_data: [ { version_value: "All versions", }, ], }, }, { product_name: "APOGEE PXC Compact (BACnet)", version: { version_data: [ { version_value: "All versions < V3.5.4", }, ], }, }, { product_name: "APOGEE PXC Compact (P2 Ethernet)", version: { version_data: [ { version_value: "All versions < V2.8.19", }, ], }, }, { product_name: "APOGEE PXC Modular (BACnet)", version: { version_data: [ { version_value: "All versions < V3.5.4", }, ], }, }, { product_name: "APOGEE PXC Modular (P2 Ethernet)", version: { version_data: [ { version_value: "All versions < V2.8.19", }, ], }, }, { product_name: "Desigo PXC00-E.D", version: { version_data: [ { version_value: "All versions >= V2.3 and < V6.30.016", }, ], }, }, { product_name: "Desigo PXC00-U", version: { version_data: [ { version_value: "All versions >= V2.3 and < V6.30.016", }, ], }, }, { product_name: "Desigo PXC001-E.D", version: { version_data: [ { version_value: "All versions >= V2.3 and < V6.30.016", }, ], }, }, { product_name: "Desigo PXC100-E.D", version: { version_data: [ { version_value: "All versions >= V2.3 and < V6.30.016", }, ], }, }, { product_name: "Desigo PXC12-E.D", version: { version_data: [ { version_value: "All versions >= V2.3 and < V6.30.016", }, ], }, }, { product_name: "Desigo PXC128-U", version: { version_data: [ { version_value: "All versions >= V2.3 and < V6.30.016", }, ], }, }, { product_name: "Desigo PXC200-E.D", version: { version_data: [ { version_value: "All versions >= V2.3 and < V6.30.016", }, ], }, }, { product_name: "Desigo PXC22-E.D", version: { version_data: [ { version_value: "All versions >= V2.3 and < V6.30.016", }, ], }, }, { product_name: "Desigo PXC22.1-E.D", version: { version_data: [ { version_value: "All versions >= V2.3 and < V6.30.016", }, ], }, }, { product_name: "Desigo PXC36.1-E.D", version: { version_data: [ { version_value: "All versions >= V2.3 and < V6.30.016", }, ], }, }, { product_name: "Desigo PXC50-E.D", version: { version_data: [ { version_value: "All versions >= V2.3 and < V6.30.016", }, ], }, }, { product_name: "Desigo PXC64-U", version: { version_data: [ { version_value: "All versions >= V2.3 and < V6.30.016", }, ], }, }, { product_name: "Desigo PXM20-E", version: { version_data: [ { version_value: "All versions >= V2.3 and < V6.30.016", }, ], }, }, { product_name: "Nucleus NET", version: { version_data: [ { version_value: "All versions", }, ], }, }, { product_name: "Nucleus ReadyStart V3", version: { version_data: [ { version_value: "All versions < V2017.02.4", }, ], }, }, { product_name: "Nucleus Source Code", version: { version_data: [ { version_value: "All versions", }, ], }, }, { product_name: "TALON TC Compact (BACnet)", version: { version_data: [ { version_value: "All versions < V3.5.4", }, ], }, }, { product_name: "TALON TC Modular (BACnet)", version: { version_data: [ { version_value: "All versions < V3.5.4", }, ], }, }, ], }, vendor_name: "Siemens", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC) (P2 Ethernet) (All versions), APOGEE MEC (PPC) (BACnet) (All versions), APOGEE MEC (PPC) (P2 Ethernet) (All versions), APOGEE PXC Compact (BACnet) (All versions < V3.5.4), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.19), APOGEE PXC Modular (BACnet) (All versions < V3.5.4), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.19), Desigo PXC00-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC00-U (All versions >= V2.3 and < V6.30.016), Desigo PXC001-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC100-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC12-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC128-U (All versions >= V2.3 and < V6.30.016), Desigo PXC200-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC22-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC22.1-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC36.1-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC50-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC64-U (All versions >= V2.3 and < V6.30.016), Desigo PXM20-E (All versions >= V2.3 and < V6.30.016), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.4), Nucleus Source Code (All versions), TALON TC Compact (BACnet) (All versions < V3.5.4), TALON TC Modular (BACnet) (All versions < V3.5.4). FTP server does not properly validate the length of the “PWD/XPWD” command, leading to stack-based buffer overflows. This may result in Denial-of-Service conditions and Remote Code Execution. (FSMD-2021-0016)", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-170: Improper Null Termination", }, ], }, ], }, references: { reference_data: [ { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-114589.pdf", refsource: "MISC", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-114589.pdf", }, { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf", refsource: "MISC", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2021-31887", datePublished: "2021-11-09T11:32:00", dateReserved: "2021-04-29T00:00:00", dateUpdated: "2024-08-03T23:10:30.650Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-27393
Vulnerability from cvelistv5
Published
2021-04-22 20:42
Modified
2024-08-03 20:48
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2013.08), Nucleus Source Code (Versions including affected DNS modules). The DNS client does not properly randomize UDP port numbers of DNS requests. That could allow an attacker to poison the DNS cache or spoof DNS resolving.
References
| ▼ | URL | Tags |
|---|---|---|
| https://cert-portal.siemens.com/productcert/pdf/ssa-201384.pdf | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | Nucleus NET |
Version: All versions |
|||||||||||
|
||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T20:48:16.739Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-201384.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Nucleus NET", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { product: "Nucleus ReadyStart V3", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2013.08", }, ], }, { product: "Nucleus Source Code", vendor: "Siemens", versions: [ { status: "affected", version: "Versions including affected DNS modules", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2013.08), Nucleus Source Code (Versions including affected DNS modules). The DNS client does not properly randomize UDP port numbers of DNS requests. That could allow an attacker to poison the DNS cache or spoof DNS resolving.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-330", description: "CWE-330: Use of Insufficiently Random Values", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-01-11T11:27:04", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-201384.pdf", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "productcert@siemens.com", ID: "CVE-2021-27393", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Nucleus NET", version: { version_data: [ { version_value: "All versions", }, ], }, }, { product_name: "Nucleus ReadyStart V3", version: { version_data: [ { version_value: "All versions < V2013.08", }, ], }, }, { product_name: "Nucleus Source Code", version: { version_data: [ { version_value: "Versions including affected DNS modules", }, ], }, }, ], }, vendor_name: "Siemens", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability has been identified in Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2013.08), Nucleus Source Code (Versions including affected DNS modules). The DNS client does not properly randomize UDP port numbers of DNS requests. That could allow an attacker to poison the DNS cache or spoof DNS resolving.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-330: Use of Insufficiently Random Values", }, ], }, ], }, references: { reference_data: [ { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-201384.pdf", refsource: "MISC", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-201384.pdf", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2021-27393", datePublished: "2021-04-22T20:42:21", dateReserved: "2021-02-18T00:00:00", dateUpdated: "2024-08-03T20:48:16.739Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-25677
Vulnerability from cvelistv5
Published
2021-04-22 20:42
Modified
2024-08-03 20:11
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in APOGEE PXC Compact (BACnet) (All versions < V3.5.5), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.20), APOGEE PXC Modular (BACnet) (All versions < V3.5.5), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.20), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.3), Nucleus ReadyStart V3 (All versions < V2017.02.4), Nucleus ReadyStart V4 (All versions < V4.1.0), Nucleus Source Code (Versions including affected DNS modules), SIMOTICS CONNECT 400 (All versions < V0.5.0.0), SIMOTICS CONNECT 400 (All versions >= V0.5.0.0 < V1.0.0.0), TALON TC Compact (BACnet) (All versions < V3.5.5), TALON TC Modular (BACnet) (All versions < V3.5.5). The DNS client does not properly randomize DNS transaction IDs. That could allow an attacker to poison the DNS cache or spoof DNS resolving.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | APOGEE PXC Compact (BACnet) |
Version: All versions < V3.5.5 |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T20:11:28.339Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-705111.pdf", }, { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-669158.pdf", }, { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-180579.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unknown", product: "APOGEE PXC Compact (BACnet)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.5.5", }, ], }, { defaultStatus: "unknown", product: "APOGEE PXC Compact (P2 Ethernet)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2.8.20", }, ], }, { defaultStatus: "unknown", product: "APOGEE PXC Modular (BACnet)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.5.5", }, ], }, { defaultStatus: "unknown", product: "APOGEE PXC Modular (P2 Ethernet)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2.8.20", }, ], }, { defaultStatus: "unknown", product: "Nucleus NET", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "Nucleus ReadyStart V3", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2017.02.3", }, ], }, { defaultStatus: "unknown", product: "Nucleus ReadyStart V3", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2017.02.4", }, ], }, { defaultStatus: "unknown", product: "Nucleus ReadyStart V4", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.0", }, ], }, { defaultStatus: "unknown", product: "Nucleus Source Code", vendor: "Siemens", versions: [ { status: "affected", version: "Versions including affected DNS modules", }, ], }, { defaultStatus: "unknown", product: "SIMOTICS CONNECT 400", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V0.5.0.0", }, ], }, { defaultStatus: "unknown", product: "SIMOTICS CONNECT 400", vendor: "Siemens", versions: [ { status: "affected", version: "All versions >= V0.5.0.0 < V1.0.0.0", }, ], }, { defaultStatus: "unknown", product: "TALON TC Compact (BACnet)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.5.5", }, ], }, { defaultStatus: "unknown", product: "TALON TC Modular (BACnet)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.5.5", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in APOGEE PXC Compact (BACnet) (All versions < V3.5.5), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.20), APOGEE PXC Modular (BACnet) (All versions < V3.5.5), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.20), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.3), Nucleus ReadyStart V3 (All versions < V2017.02.4), Nucleus ReadyStart V4 (All versions < V4.1.0), Nucleus Source Code (Versions including affected DNS modules), SIMOTICS CONNECT 400 (All versions < V0.5.0.0), SIMOTICS CONNECT 400 (All versions >= V0.5.0.0 < V1.0.0.0), TALON TC Compact (BACnet) (All versions < V3.5.5), TALON TC Modular (BACnet) (All versions < V3.5.5). The DNS client does not properly randomize DNS transaction IDs. That could allow an attacker to poison the DNS cache or spoof DNS resolving.", }, ], metrics: [ { cvssV3_1: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-330", description: "CWE-330: Use of Insufficiently Random Values", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-08-08T09:20:07.625Z", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-705111.pdf", }, { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-669158.pdf", }, { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-180579.pdf", }, ], }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2021-25677", datePublished: "2021-04-22T20:42:21", dateReserved: "2021-01-21T00:00:00", dateUpdated: "2024-08-03T20:11:28.339Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-27009
Vulnerability from cvelistv5
Published
2021-04-22 20:42
Modified
2024-08-04 16:03
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in APOGEE PXC Compact (BACnet) (All versions < V3.5.5), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.20), APOGEE PXC Modular (BACnet) (All versions < V3.5.5), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.20), Nucleus NET (All versions < V5.2), Nucleus Source Code (Versions including affected DNS modules), TALON TC Compact (BACnet) (All versions < V3.5.5), TALON TC Modular (BACnet) (All versions < V3.5.5). The DNS domain name record decompression functionality does not properly validate the pointer offset values. The parsing of malformed responses could result in a write past the end of an allocated structure. An attacker with a privileged position in the network could leverage this vulnerability to execute code in the context of the current process or cause a denial-of-service condition.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | APOGEE PXC Compact (BACnet) |
Version: All versions < V3.5.5 |
||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T16:03:23.236Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-185699.pdf", }, { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-180579.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unknown", product: "APOGEE PXC Compact (BACnet)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.5.5", }, ], }, { defaultStatus: "unknown", product: "APOGEE PXC Compact (P2 Ethernet)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2.8.20", }, ], }, { defaultStatus: "unknown", product: "APOGEE PXC Modular (BACnet)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.5.5", }, ], }, { defaultStatus: "unknown", product: "APOGEE PXC Modular (P2 Ethernet)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2.8.20", }, ], }, { defaultStatus: "unknown", product: "Nucleus NET", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V5.2", }, ], }, { defaultStatus: "unknown", product: "Nucleus Source Code", vendor: "Siemens", versions: [ { status: "affected", version: "Versions including affected DNS modules", }, ], }, { defaultStatus: "unknown", product: "TALON TC Compact (BACnet)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.5.5", }, ], }, { defaultStatus: "unknown", product: "TALON TC Modular (BACnet)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.5.5", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in APOGEE PXC Compact (BACnet) (All versions < V3.5.5), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.20), APOGEE PXC Modular (BACnet) (All versions < V3.5.5), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.20), Nucleus NET (All versions < V5.2), Nucleus Source Code (Versions including affected DNS modules), TALON TC Compact (BACnet) (All versions < V3.5.5), TALON TC Modular (BACnet) (All versions < V3.5.5). The DNS domain name record decompression functionality does not properly validate the pointer offset values. The parsing of malformed responses could result in a write past the end of an allocated structure. An attacker with a privileged position in the network could leverage this vulnerability to execute code in the context of the current process or cause a denial-of-service condition.", }, ], metrics: [ { cvssV3_1: { baseScore: 8.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-823", description: "CWE-823: Use of Out-of-range Pointer Offset", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-08-08T09:20:02.298Z", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-185699.pdf", }, { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-180579.pdf", }, ], }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2020-27009", datePublished: "2021-04-22T20:42:19", dateReserved: "2020-10-12T00:00:00", dateUpdated: "2024-08-04T16:03:23.236Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-27737
Vulnerability from cvelistv5
Published
2021-04-22 20:42
Modified
2024-08-04 16:18
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in APOGEE PXC Compact (BACnet) (All versions < V3.5.5), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.20), APOGEE PXC Modular (BACnet) (All versions < V3.5.5), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.20), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.3), Nucleus ReadyStart V4 (All versions < V4.1.0), Nucleus Source Code (Versions including affected DNS modules), SIMOTICS CONNECT 400 (All versions < V0.5.0.0), TALON TC Compact (BACnet) (All versions < V3.5.5), TALON TC Modular (BACnet) (All versions < V3.5.5). The DNS response parsing functionality does not properly validate various length and counts of the records. The parsing of malformed responses could result in a read past the end of an allocated structure. An attacker with a privileged position in the network could leverage this vulnerability to cause a denial-of-service condition or leak the memory past the allocated structure.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | APOGEE PXC Compact (BACnet) |
Version: All versions < V3.5.5 |
|||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T16:18:45.586Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-705111.pdf", }, { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-669158.pdf", }, { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-180579.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unknown", product: "APOGEE PXC Compact (BACnet)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.5.5", }, ], }, { defaultStatus: "unknown", product: "APOGEE PXC Compact (P2 Ethernet)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2.8.20", }, ], }, { defaultStatus: "unknown", product: "APOGEE PXC Modular (BACnet)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.5.5", }, ], }, { defaultStatus: "unknown", product: "APOGEE PXC Modular (P2 Ethernet)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2.8.20", }, ], }, { defaultStatus: "unknown", product: "Nucleus NET", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "Nucleus ReadyStart V3", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2017.02.3", }, ], }, { defaultStatus: "unknown", product: "Nucleus ReadyStart V4", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.0", }, ], }, { defaultStatus: "unknown", product: "Nucleus Source Code", vendor: "Siemens", versions: [ { status: "affected", version: "Versions including affected DNS modules", }, ], }, { defaultStatus: "unknown", product: "SIMOTICS CONNECT 400", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V0.5.0.0", }, ], }, { defaultStatus: "unknown", product: "TALON TC Compact (BACnet)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.5.5", }, ], }, { defaultStatus: "unknown", product: "TALON TC Modular (BACnet)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.5.5", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in APOGEE PXC Compact (BACnet) (All versions < V3.5.5), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.20), APOGEE PXC Modular (BACnet) (All versions < V3.5.5), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.20), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.3), Nucleus ReadyStart V4 (All versions < V4.1.0), Nucleus Source Code (Versions including affected DNS modules), SIMOTICS CONNECT 400 (All versions < V0.5.0.0), TALON TC Compact (BACnet) (All versions < V3.5.5), TALON TC Modular (BACnet) (All versions < V3.5.5). The DNS response parsing functionality does not properly validate various length and counts of the records. The parsing of malformed responses could result in a read past the end of an allocated structure. An attacker with a privileged position in the network could leverage this vulnerability to cause a denial-of-service condition or leak the memory past the allocated structure.", }, ], metrics: [ { cvssV3_1: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-125", description: "CWE-125: Out-of-bounds Read", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-08-08T09:20:04.435Z", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-705111.pdf", }, { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-669158.pdf", }, { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-180579.pdf", }, ], }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2020-27737", datePublished: "2021-04-22T20:42:19", dateReserved: "2020-10-26T00:00:00", dateUpdated: "2024-08-04T16:18:45.586Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-25663
Vulnerability from cvelistv5
Published
2021-04-22 20:42
Modified
2025-03-11 09:47
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in Capital Embedded AR Classic 431-422 (All versions), Capital Embedded AR Classic R20-11 (All versions < V2303), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.4), Nucleus ReadyStart V4 (All versions < V4.1.0), Nucleus Source Code (All versions including affected IPv6 stack). The function that processes IPv6 headers does not check the lengths of extension header options, allowing attackers to put this function into an infinite loop with crafted length values.
References
| ▼ | URL | Tags |
|---|---|---|
| https://cert-portal.siemens.com/productcert/pdf/ssa-248289.pdf | x_refsource_MISC | |
| https://us-cert.cisa.gov/ics/advisories/icsa-21-103-05 | x_refsource_CONFIRM | |
| https://cert-portal.siemens.com/productcert/html/ssa-248289.html |
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | Capital Embedded AR Classic 431-422 |
Version: 0 < * |
||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T20:11:27.118Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-248289.pdf", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://us-cert.cisa.gov/ics/advisories/icsa-21-103-05", }, { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/html/ssa-248289.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unknown", product: "Capital Embedded AR Classic 431-422", vendor: "Siemens", versions: [ { lessThan: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "Capital Embedded AR Classic R20-11", vendor: "Siemens", versions: [ { lessThan: "V2303", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "Nucleus NET", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "Nucleus ReadyStart V3", vendor: "Siemens", versions: [ { lessThan: "V2017.02.4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "Nucleus ReadyStart V4", vendor: "Siemens", versions: [ { lessThan: "V4.1.0", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "Nucleus Source Code", vendor: "Siemens", versions: [ { lessThan: "*", status: "affected", version: "0", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in Capital Embedded AR Classic 431-422 (All versions), Capital Embedded AR Classic R20-11 (All versions < V2303), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.4), Nucleus ReadyStart V4 (All versions < V4.1.0), Nucleus Source Code (All versions including affected IPv6 stack). The function that processes IPv6 headers does not check the lengths of extension header options, allowing attackers to put this function into an infinite loop with crafted length values.", }, ], metrics: [ { cvssV3_1: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, }, { cvssV4_0: { baseScore: 8.7, baseSeverity: "HIGH", vectorString: "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N", version: "4.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-835", description: "CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-03-11T09:47:33.806Z", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-248289.pdf", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://us-cert.cisa.gov/ics/advisories/icsa-21-103-05", }, { url: "https://cert-portal.siemens.com/productcert/html/ssa-248289.html", }, ], }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2021-25663", datePublished: "2021-04-22T20:42:20", dateReserved: "2021-01-21T00:00:00", dateUpdated: "2025-03-11T09:47:33.806Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-13939
Vulnerability from cvelistv5
Published
2020-01-16 15:35
Modified
2025-03-11 09:47
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in Capital Embedded AR Classic 431-422 (All versions), Capital Embedded AR Classic R20-11 (All versions < V2303), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.3), Nucleus Source Code (All versions). By sending specially crafted DHCP packets to a device where the DHCP client is enabled, an attacker could change the IP address of the device to an invalid value.
References
| ▼ | URL | Tags |
|---|---|---|
| https://cert-portal.siemens.com/productcert/pdf/ssa-434032.pdf | x_refsource_MISC | |
| https://cert-portal.siemens.com/productcert/pdf/ssa-162506.pdf | x_refsource_CONFIRM | |
| https://us-cert.cisa.gov/ics/advisories/icsa-20-105-06 | x_refsource_MISC | |
| https://cert-portal.siemens.com/productcert/html/ssa-434032.html | ||
| https://cert-portal.siemens.com/productcert/html/ssa-162506.html |
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | Capital Embedded AR Classic 431-422 |
Version: 0 < * |
|||||||||||||||||||||
|
||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T00:05:43.738Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-434032.pdf", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-162506.pdf", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://us-cert.cisa.gov/ics/advisories/icsa-20-105-06", }, { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/html/ssa-434032.html", }, { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/html/ssa-162506.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unknown", product: "Capital Embedded AR Classic 431-422", vendor: "Siemens", versions: [ { lessThan: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "Capital Embedded AR Classic R20-11", vendor: "Siemens", versions: [ { lessThan: "V2303", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "Nucleus NET", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "Nucleus ReadyStart V3", vendor: "Siemens", versions: [ { lessThan: "V2017.02.3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "Nucleus Source Code", vendor: "Siemens", versions: [ { lessThan: "*", status: "affected", version: "0", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in Capital Embedded AR Classic 431-422 (All versions), Capital Embedded AR Classic R20-11 (All versions < V2303), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.3), Nucleus Source Code (All versions). By sending specially crafted DHCP packets to a device where the DHCP client is enabled, an attacker could change the IP address of the device to an invalid value.", }, ], metrics: [ { cvssV3_1: { baseScore: 7.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H/E:P/RL:O/RC:C", version: "3.1", }, }, { cvssV4_0: { baseScore: 7.1, baseSeverity: "HIGH", vectorString: "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N", version: "4.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-20", description: "CWE-20: Improper Input Validation", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-03-11T09:47:30.522Z", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-434032.pdf", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-162506.pdf", }, { tags: [ "x_refsource_MISC", ], url: "https://us-cert.cisa.gov/ics/advisories/icsa-20-105-06", }, { url: "https://cert-portal.siemens.com/productcert/html/ssa-434032.html", }, { url: "https://cert-portal.siemens.com/productcert/html/ssa-162506.html", }, ], }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2019-13939", datePublished: "2020-01-16T15:35:24", dateReserved: "2019-07-18T00:00:00", dateUpdated: "2025-03-11T09:47:30.522Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-27736
Vulnerability from cvelistv5
Published
2021-04-22 20:42
Modified
2024-08-04 16:18
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in APOGEE PXC Compact (BACnet) (All versions < V3.5.5), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.20), APOGEE PXC Modular (BACnet) (All versions < V3.5.5), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.20), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.3), Nucleus ReadyStart V4 (All versions < V4.1.0), Nucleus Source Code (Versions including affected DNS modules), SIMOTICS CONNECT 400 (All versions < V0.5.0.0), TALON TC Compact (BACnet) (All versions < V3.5.5), TALON TC Modular (BACnet) (All versions < V3.5.5). The DNS domain name label parsing functionality does not properly validate the null-terminated name in DNS-responses. The parsing of malformed responses could result in a read past the end of an allocated structure. An attacker with a privileged position in the network could leverage this vulnerability to cause a denial-of-service condition or leak the read memory.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | APOGEE PXC Compact (BACnet) |
Version: All versions < V3.5.5 |
|||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T16:18:45.573Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-705111.pdf", }, { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-669158.pdf", }, { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-180579.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unknown", product: "APOGEE PXC Compact (BACnet)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.5.5", }, ], }, { defaultStatus: "unknown", product: "APOGEE PXC Compact (P2 Ethernet)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2.8.20", }, ], }, { defaultStatus: "unknown", product: "APOGEE PXC Modular (BACnet)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.5.5", }, ], }, { defaultStatus: "unknown", product: "APOGEE PXC Modular (P2 Ethernet)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2.8.20", }, ], }, { defaultStatus: "unknown", product: "Nucleus NET", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "Nucleus ReadyStart V3", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2017.02.3", }, ], }, { defaultStatus: "unknown", product: "Nucleus ReadyStart V4", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.1.0", }, ], }, { defaultStatus: "unknown", product: "Nucleus Source Code", vendor: "Siemens", versions: [ { status: "affected", version: "Versions including affected DNS modules", }, ], }, { defaultStatus: "unknown", product: "SIMOTICS CONNECT 400", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V0.5.0.0", }, ], }, { defaultStatus: "unknown", product: "TALON TC Compact (BACnet)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.5.5", }, ], }, { defaultStatus: "unknown", product: "TALON TC Modular (BACnet)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.5.5", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in APOGEE PXC Compact (BACnet) (All versions < V3.5.5), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.20), APOGEE PXC Modular (BACnet) (All versions < V3.5.5), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.20), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.3), Nucleus ReadyStart V4 (All versions < V4.1.0), Nucleus Source Code (Versions including affected DNS modules), SIMOTICS CONNECT 400 (All versions < V0.5.0.0), TALON TC Compact (BACnet) (All versions < V3.5.5), TALON TC Modular (BACnet) (All versions < V3.5.5). The DNS domain name label parsing functionality does not properly validate the null-terminated name in DNS-responses. The parsing of malformed responses could result in a read past the end of an allocated structure. An attacker with a privileged position in the network could leverage this vulnerability to cause a denial-of-service condition or leak the read memory.", }, ], metrics: [ { cvssV3_1: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-170", description: "CWE-170: Improper Null Termination", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-08-08T09:20:03.377Z", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-705111.pdf", }, { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-669158.pdf", }, { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-180579.pdf", }, ], }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2020-27736", datePublished: "2021-04-22T20:42:19", dateReserved: "2020-10-26T00:00:00", dateUpdated: "2024-08-04T16:18:45.573Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-28388
Vulnerability from cvelistv5
Published
2021-02-09 00:00
Modified
2024-08-04 16:33
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in APOGEE PXC Compact (BACnet) (All versions < V3.5.5), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.20), APOGEE PXC Modular (BACnet) (All versions < V3.5.5), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.20), Nucleus NET (All versions < V5.2), Nucleus ReadyStart V3 (All versions < V2012.12), Nucleus Source Code (All versions), PLUSCONTROL 1st Gen (All versions), TALON TC Compact (BACnet) (All versions < V3.5.5), TALON TC Modular (BACnet) (All versions < V3.5.5). Initial Sequence Numbers (ISNs) for TCP connections are derived from an insufficiently random source. As a result, the ISN of current and future TCP connections could be predictable. An attacker could hijack existing sessions or spoof future ones.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | APOGEE PXC Compact (BACnet) |
Version: All versions < V3.5.5 |
||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T16:33:58.999Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-362164.pdf", }, { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-344238.pdf", }, { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-436469.pdf", }, { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-180579.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unknown", product: "APOGEE PXC Compact (BACnet)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.5.5", }, ], }, { defaultStatus: "unknown", product: "APOGEE PXC Compact (P2 Ethernet)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2.8.20", }, ], }, { defaultStatus: "unknown", product: "APOGEE PXC Modular (BACnet)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.5.5", }, ], }, { defaultStatus: "unknown", product: "APOGEE PXC Modular (P2 Ethernet)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2.8.20", }, ], }, { defaultStatus: "unknown", product: "Nucleus NET", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V5.2", }, ], }, { defaultStatus: "unknown", product: "Nucleus ReadyStart V3", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2012.12", }, ], }, { defaultStatus: "unknown", product: "Nucleus Source Code", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "PLUSCONTROL 1st Gen", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "TALON TC Compact (BACnet)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.5.5", }, ], }, { defaultStatus: "unknown", product: "TALON TC Modular (BACnet)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.5.5", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in APOGEE PXC Compact (BACnet) (All versions < V3.5.5), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.20), APOGEE PXC Modular (BACnet) (All versions < V3.5.5), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.20), Nucleus NET (All versions < V5.2), Nucleus ReadyStart V3 (All versions < V2012.12), Nucleus Source Code (All versions), PLUSCONTROL 1st Gen (All versions), TALON TC Compact (BACnet) (All versions < V3.5.5), TALON TC Modular (BACnet) (All versions < V3.5.5). Initial Sequence Numbers (ISNs) for TCP connections are derived from an insufficiently random source. As a result, the ISN of current and future TCP connections could be predictable. An attacker could hijack existing sessions or spoof future ones.", }, ], metrics: [ { cvssV3_1: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L/E:P/RL:O/RC:C", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-342", description: "CWE-342: Predictable Exact Value from Previous Values", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-08-08T09:20:06.562Z", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-362164.pdf", }, { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-344238.pdf", }, { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-436469.pdf", }, { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-180579.pdf", }, ], }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2020-28388", datePublished: "2021-02-09T00:00:00", dateReserved: "2020-11-10T00:00:00", dateUpdated: "2024-08-04T16:33:58.999Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
var-202102-1448
Vulnerability from variot
A vulnerability has been identified in APOGEE PXC Compact (BACnet) (All versions < V3.5.5), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.20), APOGEE PXC Modular (BACnet) (All versions < V3.5.5), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.20), Nucleus NET (All versions < V5.2), Nucleus ReadyStart V3 (All versions < V2012.12), Nucleus Source Code (All versions), PLUSCONTROL 1st Gen (All versions), TALON TC Compact (BACnet) (All versions < V3.5.5), TALON TC Modular (BACnet) (All versions < V3.5.5). Initial Sequence Numbers (ISNs) for TCP connections are derived from an insufficiently random source. As a result, the ISN of current and future TCP connections could be predictable. An attacker could hijack existing sessions or spoof future ones. Nucleus NET , Nucleus ReadyStart , PLUSCONTROL 1st Gen Exists in unspecified vulnerabilities.Information may be tampered with. The Nucleus NET module contains a series of standard-compliant network and communication protocols, drivers and utilities to provide full-featured network support in any embedded device.
Siemens Nucleus NET has security vulnerabilities
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202102-1448", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "nucleus net", scope: "lt", trust: 1, vendor: "siemens", version: "5.2", }, { model: "nucleus source code", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "nucleus readystart", scope: "lt", trust: 1, vendor: "siemens", version: "2012.12", }, { model: "capital vstar", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "pluscontrol 1st gen", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "nucleus readystart", scope: null, trust: 0.8, vendor: "シーメンス", version: null, }, { model: "nucleus net", scope: null, trust: 0.8, vendor: "シーメンス", version: null, }, { model: "nucleus net", scope: "lt", trust: 0.6, vendor: "siemens", version: "v5.2", }, { model: "nucleus readystart for arm,mips,and ppc", scope: "lt", trust: 0.6, vendor: "siemens", version: "v2012.12", }, ], sources: [ { db: "CNVD", id: "CNVD-2021-11834", }, { db: "JVNDB", id: "JVNDB-2020-015980", }, { db: "NVD", id: "CVE-2020-28388", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "and Amine Amri of Forescout Research Labs reported these vulnerabilities to CISA., Stanislav Dashevskyi,Daniel dos Santos, Jos Wetzels", sources: [ { db: "CNNVD", id: "CNNVD-202102-881", }, ], trust: 0.6, }, cve: "CVE-2020-28388", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "nvd@nist.gov", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "NONE", exploitabilityScore: 10, id: "CVE-2020-28388", impactScore: 2.9, integrityImpact: "PARTIAL", severity: "MEDIUM", trust: 1.9, vectorString: "AV:N/AC:L/Au:N/C:N/I:P/A:N", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "CNVD", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "NONE", exploitabilityScore: 10, id: "CNVD-2021-11834", impactScore: 2.9, integrityImpact: "PARTIAL", severity: "MEDIUM", trust: 0.6, vectorString: "AV:N/AC:L/Au:N/C:N/I:P/A:N", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", exploitabilityScore: 3.9, id: "CVE-2020-28388", impactScore: 1.4, integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", version: "3.1", }, { attackComplexity: "LOW", attackVector: "NETWORK", author: "productcert@siemens.com", availabilityImpact: "LOW", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", exploitabilityScore: 3.9, id: "CVE-2020-28388", impactScore: 2.5, integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L", version: "3.1", }, { attackComplexity: "Low", attackVector: "Network", author: "NVD", availabilityImpact: "None", baseScore: 5.3, baseSeverity: "Medium", confidentialityImpact: "None", exploitabilityScore: null, id: "CVE-2020-28388", impactScore: null, integrityImpact: "Low", privilegesRequired: "None", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", version: "3.0", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2020-28388", trust: 1, value: "MEDIUM", }, { author: "productcert@siemens.com", id: "CVE-2020-28388", trust: 1, value: "MEDIUM", }, { author: "NVD", id: "CVE-2020-28388", trust: 0.8, value: "Medium", }, { author: "CNVD", id: "CNVD-2021-11834", trust: 0.6, value: "MEDIUM", }, { author: "CNNVD", id: "CNNVD-202102-881", trust: 0.6, value: "MEDIUM", }, { author: "VULMON", id: "CVE-2020-28388", trust: 0.1, value: "MEDIUM", }, ], }, ], sources: [ { db: "CNVD", id: "CNVD-2021-11834", }, { db: "VULMON", id: "CVE-2020-28388", }, { db: "JVNDB", id: "JVNDB-2020-015980", }, { db: "CNNVD", id: "CNNVD-202102-881", }, { db: "NVD", id: "CVE-2020-28388", }, { db: "NVD", id: "CVE-2020-28388", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "A vulnerability has been identified in APOGEE PXC Compact (BACnet) (All versions < V3.5.5), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.20), APOGEE PXC Modular (BACnet) (All versions < V3.5.5), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.20), Nucleus NET (All versions < V5.2), Nucleus ReadyStart V3 (All versions < V2012.12), Nucleus Source Code (All versions), PLUSCONTROL 1st Gen (All versions), TALON TC Compact (BACnet) (All versions < V3.5.5), TALON TC Modular (BACnet) (All versions < V3.5.5). Initial Sequence Numbers (ISNs) for TCP connections are derived from an insufficiently random source. As a result, the ISN of current and future TCP connections could be predictable. An attacker could hijack existing sessions or spoof future ones. Nucleus NET , Nucleus ReadyStart , PLUSCONTROL 1st Gen Exists in unspecified vulnerabilities.Information may be tampered with. The Nucleus NET module contains a series of standard-compliant network and communication protocols, drivers and utilities to provide full-featured network support in any embedded device. \n\r\n\r\nSiemens Nucleus NET has security vulnerabilities", sources: [ { db: "NVD", id: "CVE-2020-28388", }, { db: "JVNDB", id: "JVNDB-2020-015980", }, { db: "CNVD", id: "CNVD-2021-11834", }, { db: "VULMON", id: "CVE-2020-28388", }, ], trust: 2.25, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2020-28388", trust: 3.9, }, { db: "SIEMENS", id: "SSA-362164", trust: 2.3, }, { db: "SIEMENS", id: "SSA-436469", trust: 1.7, }, { db: "SIEMENS", id: "SSA-344238", trust: 1.7, }, { db: "ICS CERT", id: "ICSA-21-068-08", trust: 1.4, }, { db: "SIEMENS", id: "SSA-180579", trust: 1, }, { db: "JVN", id: "JVNVU91083521", trust: 0.8, }, { db: "JVN", id: "JVNVU90767599", trust: 0.8, }, { db: "JVN", id: "JVNVU91561630", trust: 0.8, }, { db: "JVN", id: "JVNVU93441670", trust: 0.8, }, { db: "ICS CERT", id: "ICSA-22-349-14", trust: 0.8, }, { db: "JVNDB", id: "JVNDB-2020-015980", trust: 0.8, }, { db: "CNVD", id: "CNVD-2021-11834", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2021.0853", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2021.0538", trust: 0.6, }, { db: "ICS CERT", id: "ICSA-21-042-01", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-202102-881", trust: 0.6, }, { db: "ICS CERT", id: "ICSA-22-349-10", trust: 0.1, }, { db: "VULMON", id: "CVE-2020-28388", trust: 0.1, }, ], sources: [ { db: "CNVD", id: "CNVD-2021-11834", }, { db: "VULMON", id: "CVE-2020-28388", }, { db: "JVNDB", id: "JVNDB-2020-015980", }, { db: "CNNVD", id: "CNNVD-202102-881", }, { db: "NVD", id: "CVE-2020-28388", }, ], }, id: "VAR-202102-1448", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "CNVD", id: "CNVD-2021-11834", }, ], trust: 0.9393398399999999, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "ICS", ], sub_category: null, trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2021-11834", }, ], }, last_update_date: "2024-11-23T20:57:34.216000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "SSA-362164 Siemens Security Advisory", trust: 0.8, url: "https://cert-portal.siemens.com/productcert/pdf/ssa-362164.pdf", }, { title: "Patch for Siemens Nucleus NET predictable initial sequence vulnerability", trust: 0.6, url: "https://www.cnvd.org.cn/patchInfo/show/248776", }, { title: "Multiple Nucleus product Security vulnerabilities", trust: 0.6, url: "http://123.124.177.30/web/xxk/bdxqById.tag?id=141302", }, { title: "Siemens Security Advisories: Siemens Security Advisory", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories&qid=864fdb86041bc2144f114e7ec91e8aa5", }, { title: "Siemens Security Advisories: Siemens Security Advisory", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories&qid=ec5d325ed2cb9493722dc92d15dd7d3b", }, ], sources: [ { db: "CNVD", id: "CNVD-2021-11834", }, { db: "VULMON", id: "CVE-2020-28388", }, { db: "JVNDB", id: "JVNDB-2020-015980", }, { db: "CNNVD", id: "CNNVD-202102-881", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "NVD-CWE-Other", trust: 1, }, { problemtype: "CWE-342", trust: 1, }, { problemtype: "others (CWE-Other) [NVD evaluation ]", trust: 0.8, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2020-015980", }, { db: "NVD", id: "CVE-2020-28388", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 2.3, url: "https://cert-portal.siemens.com/productcert/pdf/ssa-362164.pdf", }, { trust: 1.7, url: "https://cert-portal.siemens.com/productcert/pdf/ssa-344238.pdf", }, { trust: 1.7, url: "https://cert-portal.siemens.com/productcert/pdf/ssa-436469.pdf", }, { trust: 1, url: "https://cert-portal.siemens.com/productcert/pdf/ssa-180579.pdf", }, { trust: 0.8, url: "http://jvn.jp/vu/jvnvu91083521", }, { trust: 0.8, url: "http://jvn.jp/vu/jvnvu93441670", }, { trust: 0.8, url: "https://jvn.jp/vu/jvnvu90767599", }, { trust: 0.8, url: "https://jvn.jp/vu/jvnvu91561630/", }, { trust: 0.8, url: "https://nvd.nist.gov/vuln/detail/cve-2020-28388", }, { trust: 0.8, url: "https://www.cisa.gov/uscert/ics/advisories/icsa-22-349-14", }, { trust: 0.8, url: "https://www.cisa.gov/news-events/ics-advisories/icsa-21-068-08", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2021.0853", }, { trust: 0.6, url: "https://us-cert.cisa.gov/ics/advisories/icsa-21-068-08", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2021.0538", }, { trust: 0.6, url: "https://us-cert.cisa.gov/ics/advisories/icsa-21-042-01", }, { trust: 0.1, url: "https://cwe.mitre.org/data/definitions/342.html", }, { trust: 0.1, url: "https://nvd.nist.gov", }, { trust: 0.1, url: "https://www.cisa.gov/uscert/ics/advisories/icsa-22-349-10", }, ], sources: [ { db: "CNVD", id: "CNVD-2021-11834", }, { db: "VULMON", id: "CVE-2020-28388", }, { db: "JVNDB", id: "JVNDB-2020-015980", }, { db: "CNNVD", id: "CNNVD-202102-881", }, { db: "NVD", id: "CVE-2020-28388", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CNVD", id: "CNVD-2021-11834", }, { db: "VULMON", id: "CVE-2020-28388", }, { db: "JVNDB", id: "JVNDB-2020-015980", }, { db: "CNNVD", id: "CNNVD-202102-881", }, { db: "NVD", id: "CVE-2020-28388", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2021-02-22T00:00:00", db: "CNVD", id: "CNVD-2021-11834", }, { date: "2021-02-09T00:00:00", db: "VULMON", id: "CVE-2020-28388", }, { date: "2021-10-29T00:00:00", db: "JVNDB", id: "JVNDB-2020-015980", }, { date: "2021-02-09T00:00:00", db: "CNNVD", id: "CNNVD-202102-881", }, { date: "2021-02-09T18:15:34.590000", db: "NVD", id: "CVE-2020-28388", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2021-04-12T00:00:00", db: "CNVD", id: "CNVD-2021-11834", }, { date: "2022-12-13T00:00:00", db: "VULMON", id: "CVE-2020-28388", }, { date: "2024-09-12T07:14:00", db: "JVNDB", id: "JVNDB-2020-015980", }, { date: "2022-12-14T00:00:00", db: "CNNVD", id: "CNNVD-202102-881", }, { date: "2024-11-21T05:22:42.130000", db: "NVD", id: "CVE-2020-28388", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-202102-881", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Vulnerabilities in multiple Siemens products", sources: [ { db: "JVNDB", id: "JVNDB-2020-015980", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "other", sources: [ { db: "CNNVD", id: "CNNVD-202102-881", }, ], trust: 0.6, }, }
var-202104-1825
Vulnerability from variot
A vulnerability has been identified in APOGEE PXC Compact (BACnet) (All versions < V3.5.5), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.20), APOGEE PXC Modular (BACnet) (All versions < V3.5.5), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.20), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.3), Nucleus ReadyStart V4 (All versions < V4.1.0), Nucleus Source Code (Versions including affected DNS modules), SIMOTICS CONNECT 400 (All versions < V0.5.0.0), TALON TC Compact (BACnet) (All versions < V3.5.5), TALON TC Modular (BACnet) (All versions < V3.5.5). The DNS response parsing functionality does not properly validate various length and counts of the records. The parsing of malformed responses could result in a read past the end of an allocated structure. An attacker with a privileged position in the network could leverage this vulnerability to cause a denial-of-service condition or leak the memory past the allocated structure. SIMOTICS CONNECT 400 is a connector and sensor box installed on a low-voltage motor and provides analysis data for the MindSphere application SIDRIVE IQ Fleet.
Siemens SIMOTICS CONNECT 400 has an out-of-bounds read vulnerability. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202104-1825", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "nucleus readystart v3", scope: "lt", trust: 1, vendor: "siemens", version: "2017.02.3", }, { model: "nucleus source code", scope: "eq", trust: 1, vendor: "siemens", version: null, }, { model: "simotics connect 400", scope: "lt", trust: 1, vendor: "siemens", version: "0.5.0.0", }, { model: "nucleus net", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "nucleus readystart v4", scope: "lt", trust: 1, vendor: "siemens", version: "4.1.0", }, { model: "simotics connect", scope: "eq", trust: 0.6, vendor: "siemens", version: "400<v0.5.0.0", }, ], sources: [ { db: "CNVD", id: "CNVD-2021-28706", }, { db: "NVD", id: "CVE-2020-27737", }, ], }, cve: "CVE-2020-27737", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", author: "nvd@nist.gov", availabilityImpact: "PARTIAL", baseScore: 5.8, confidentialityImpact: "PARTIAL", exploitabilityScore: 8.6, id: "CVE-2020-27737", impactScore: 4.9, integrityImpact: "NONE", severity: "MEDIUM", trust: 1.1, vectorString: "AV:N/AC:M/Au:N/C:P/I:N/A:P", version: "2.0", }, { accessComplexity: "HIGH", accessVector: "NETWORK", authentication: "NONE", author: "CNVD", availabilityImpact: "COMPLETE", baseScore: 6.1, confidentialityImpact: "PARTIAL", exploitabilityScore: 4.9, id: "CNVD-2021-28706", impactScore: 7.8, integrityImpact: "NONE", severity: "MEDIUM", trust: 0.6, vectorString: "AV:N/AC:H/Au:N/C:P/I:N/A:C", version: "2.0", }, ], cvssV3: [ { attackComplexity: "HIGH", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", exploitabilityScore: 2.2, id: "CVE-2020-27737", impactScore: 4.2, integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 2, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H", version: "3.1", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2020-27737", trust: 1, value: "MEDIUM", }, { author: "productcert@siemens.com", id: "CVE-2020-27737", trust: 1, value: "MEDIUM", }, { author: "CNVD", id: "CNVD-2021-28706", trust: 0.6, value: "MEDIUM", }, { author: "CNNVD", id: "CNNVD-202104-975", trust: 0.6, value: "MEDIUM", }, { author: "CNNVD", id: "CNNVD-202104-938", trust: 0.6, value: "MEDIUM", }, { author: "VULMON", id: "CVE-2020-27737", trust: 0.1, value: "MEDIUM", }, ], }, ], sources: [ { db: "CNVD", id: "CNVD-2021-28706", }, { db: "VULMON", id: "CVE-2020-27737", }, { db: "CNNVD", id: "CNNVD-202104-975", }, { db: "CNNVD", id: "CNNVD-202104-938", }, { db: "NVD", id: "CVE-2020-27737", }, { db: "NVD", id: "CVE-2020-27737", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "A vulnerability has been identified in APOGEE PXC Compact (BACnet) (All versions < V3.5.5), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.20), APOGEE PXC Modular (BACnet) (All versions < V3.5.5), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.20), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.3), Nucleus ReadyStart V4 (All versions < V4.1.0), Nucleus Source Code (Versions including affected DNS modules), SIMOTICS CONNECT 400 (All versions < V0.5.0.0), TALON TC Compact (BACnet) (All versions < V3.5.5), TALON TC Modular (BACnet) (All versions < V3.5.5). The DNS response parsing functionality does not properly validate various length and counts of the records. The parsing of malformed responses could result in a read past the end of an allocated structure. An attacker with a privileged position in the network could leverage this vulnerability to cause a denial-of-service condition or leak the memory past the allocated structure. SIMOTICS CONNECT 400 is a connector and sensor box installed on a low-voltage motor and provides analysis data for the MindSphere application SIDRIVE IQ Fleet. \n\r\n\r\nSiemens SIMOTICS CONNECT 400 has an out-of-bounds read vulnerability. Pillow is a Python-based image processing library. \nThere is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements", sources: [ { db: "NVD", id: "CVE-2020-27737", }, { db: "CNVD", id: "CNVD-2021-28706", }, { db: "CNNVD", id: "CNNVD-202104-975", }, { db: "VULMON", id: "CVE-2020-27737", }, ], trust: 2.07, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2020-27737", trust: 2.3, }, { db: "SIEMENS", id: "SSA-669158", trust: 2.3, }, { db: "SIEMENS", id: "SSA-705111", trust: 1.7, }, { db: "SIEMENS", id: "SSA-180579", trust: 1, }, { db: "CNVD", id: "CNVD-2021-28706", trust: 0.6, }, { db: "CS-HELP", id: "SB2021041363", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-202104-975", trust: 0.6, }, { db: "ICS CERT", id: "ICSA-21-103-13", trust: 0.6, }, { db: "CS-HELP", id: "SB2021041407", trust: 0.6, }, { db: "CS-HELP", id: "SB2021041515", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-202104-938", trust: 0.6, }, { db: "VULMON", id: "CVE-2020-27737", trust: 0.1, }, ], sources: [ { db: "CNVD", id: "CNVD-2021-28706", }, { db: "VULMON", id: "CVE-2020-27737", }, { db: "CNNVD", id: "CNNVD-202104-975", }, { db: "CNNVD", id: "CNNVD-202104-938", }, { db: "NVD", id: "CVE-2020-27737", }, ], }, id: "VAR-202104-1825", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "CNVD", id: "CNVD-2021-28706", }, ], trust: 1.1595598933333333, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "Network device", ], sub_category: null, trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2021-28706", }, ], }, last_update_date: "2024-11-23T20:59:06.066000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "Patch for Siemens SIMOTICS CONNECT 400 out-of-bounds read vulnerability", trust: 0.6, url: "https://www.cnvd.org.cn/patchInfo/show/258571", }, { title: "Siemens Security Advisories: Siemens Security Advisory", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories&qid=53e7f522de1910b1af8f6f92fe53b3b1", }, { title: "Siemens Security Advisories: Siemens Security Advisory", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories&qid=8f932b97a970d1020015c1a82a730e96", }, ], sources: [ { db: "CNVD", id: "CNVD-2021-28706", }, { db: "VULMON", id: "CVE-2020-27737", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-125", trust: 1, }, ], sources: [ { db: "NVD", id: "CVE-2020-27737", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 2.3, url: "https://cert-portal.siemens.com/productcert/pdf/ssa-669158.pdf", }, { trust: 1.7, url: "https://cert-portal.siemens.com/productcert/pdf/ssa-705111.pdf", }, { trust: 1, url: "https://cert-portal.siemens.com/productcert/pdf/ssa-180579.pdf", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2021041363", }, { trust: 0.6, url: "https://nvd.nist.gov/vuln/detail/cve-2020-27737", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2021041515", }, { trust: 0.6, url: "https://us-cert.cisa.gov/ics/advisories/icsa-21-103-13", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2021041407", }, { trust: 0.1, url: "https://cwe.mitre.org/data/definitions/125.html", }, { trust: 0.1, url: "https://nvd.nist.gov", }, { trust: 0.1, url: "https://cert-portal.siemens.com/productcert/txt/ssa-669158.txt", }, ], sources: [ { db: "CNVD", id: "CNVD-2021-28706", }, { db: "VULMON", id: "CVE-2020-27737", }, { db: "CNNVD", id: "CNNVD-202104-975", }, { db: "CNNVD", id: "CNNVD-202104-938", }, { db: "NVD", id: "CVE-2020-27737", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CNVD", id: "CNVD-2021-28706", }, { db: "VULMON", id: "CVE-2020-27737", }, { db: "CNNVD", id: "CNNVD-202104-975", }, { db: "CNNVD", id: "CNNVD-202104-938", }, { db: "NVD", id: "CVE-2020-27737", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2021-04-15T00:00:00", db: "CNVD", id: "CNVD-2021-28706", }, { date: "2021-04-22T00:00:00", db: "VULMON", id: "CVE-2020-27737", }, { date: "2021-04-13T00:00:00", db: "CNNVD", id: "CNNVD-202104-975", }, { date: "2021-04-13T00:00:00", db: "CNNVD", id: "CNNVD-202104-938", }, { date: "2021-04-22T21:15:09.280000", db: "NVD", id: "CVE-2020-27737", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2021-04-15T00:00:00", db: "CNVD", id: "CNVD-2021-28706", }, { date: "2021-04-30T00:00:00", db: "VULMON", id: "CVE-2020-27737", }, { date: "2021-04-14T00:00:00", db: "CNNVD", id: "CNNVD-202104-975", }, { date: "2022-03-11T00:00:00", db: "CNNVD", id: "CNNVD-202104-938", }, { date: "2024-11-21T05:21:43.447000", db: "NVD", id: "CVE-2020-27737", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-202104-938", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Siemens SIMOTICS CONNECT 400 out-of-bounds read vulnerability", sources: [ { db: "CNVD", id: "CNVD-2021-28706", }, ], trust: 0.6, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "other", sources: [ { db: "CNNVD", id: "CNNVD-202104-975", }, ], trust: 0.6, }, }
var-202111-1615
Vulnerability from variot
A vulnerability has been identified in Capital Embedded AR Classic 431-422 (All versions), Capital Embedded AR Classic R20-11 (All versions < V2303), PLUSCONTROL 1st Gen (All versions), SIMOTICS CONNECT 400 (All versions < V0.5.0.0). Malformed TCP packets with a corrupted SACK option leads to Information Leaks and Denial-of-Service conditions. (FSMD-2021-0015)
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202111-1615", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "nucleus readystart v3", scope: "lt", trust: 1, vendor: "siemens", version: "2017.02.3", }, { model: "apogee modular building controller", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "talon tc compact", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "apogee pxc compact", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "nucleus net", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "nucleus source code", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "apogee pxc modular", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "talon tc modular", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "capital vstar", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "apogee modular equiment controller", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, ], sources: [ { db: "NVD", id: "CVE-2021-31889", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Siemens reported these vulnerabilities to CISA.", sources: [ { db: "CNNVD", id: "CNNVD-202111-837", }, ], trust: 0.6, }, cve: "CVE-2021-31889", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "nvd@nist.gov", availabilityImpact: "PARTIAL", baseScore: 6.4, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "CVE-2021-31889", impactScore: 4.9, integrityImpact: "NONE", severity: "MEDIUM", trust: 1, vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:P", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "HIGH", baseScore: 9.1, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", exploitabilityScore: 3.9, id: "CVE-2021-31889", impactScore: 5.2, integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", version: "3.1", }, { attackComplexity: "LOW", attackVector: "NETWORK", author: "productcert@siemens.com", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", exploitabilityScore: 3.9, id: "CVE-2021-31889", impactScore: 3.6, integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2021-31889", trust: 1, value: "CRITICAL", }, { author: "productcert@siemens.com", id: "CVE-2021-31889", trust: 1, value: "HIGH", }, { author: "CNNVD", id: "CNNVD-202111-837", trust: 0.6, value: "CRITICAL", }, ], }, ], sources: [ { db: "CNNVD", id: "CNNVD-202111-837", }, { db: "NVD", id: "CVE-2021-31889", }, { db: "NVD", id: "CVE-2021-31889", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "A vulnerability has been identified in Capital Embedded AR Classic 431-422 (All versions), Capital Embedded AR Classic R20-11 (All versions < V2303), PLUSCONTROL 1st Gen (All versions), SIMOTICS CONNECT 400 (All versions < V0.5.0.0). Malformed TCP packets with a corrupted SACK option leads to Information Leaks and Denial-of-Service conditions. (FSMD-2021-0015)", sources: [ { db: "NVD", id: "CVE-2021-31889", }, ], trust: 1, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2021-31889", trust: 1.6, }, { db: "SIEMENS", id: "SSA-620288", trust: 1.6, }, { db: "SIEMENS", id: "SSA-044112", trust: 1.6, }, { db: "SIEMENS", id: "SSA-845392", trust: 1.6, }, { db: "SIEMENS", id: "SSA-223353", trust: 1.6, }, { db: "SIEMENS", id: "SSA-114589", trust: 1.6, }, { db: "AUSCERT", id: "ESB-2022.0094", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2021.3874", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2021.4289", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2021.3833", trust: 0.6, }, { db: "ICS CERT", id: "ICSA-22-013-03", trust: 0.6, }, { db: "ICS CERT", id: "ICSA-22-069-02", trust: 0.6, }, { db: "ICS CERT", id: "ICSA-21-350-06", trust: 0.6, }, { db: "ICS CERT", id: "ICSA-21-313-03", trust: 0.6, }, { db: "ICS CERT", id: "ICSA-21-315-07", trust: 0.6, }, { db: "CS-HELP", id: "SB2021111003", trust: 0.6, }, { db: "CS-HELP", id: "SB2021121648", trust: 0.6, }, { db: "CS-HELP", id: "SB2022011803", trust: 0.6, }, { db: "CS-HELP", id: "SB2022031014", trust: 0.6, }, { db: "CS-HELP", id: "SB2022010910", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-202111-837", trust: 0.6, }, ], sources: [ { db: "CNNVD", id: "CNNVD-202111-837", }, { db: "NVD", id: "CVE-2021-31889", }, ], }, id: "VAR-202111-1615", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VARIoT devices database", id: null, }, ], trust: 0.544069276, }, last_update_date: "2024-10-08T20:42:01.527000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "siemens Nucleus Fixes for digital error vulnerabilities", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=185268", }, ], sources: [ { db: "CNNVD", id: "CNNVD-202111-837", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-191", trust: 1, }, ], sources: [ { db: "NVD", id: "CVE-2021-31889", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 1.6, url: "https://cert-portal.siemens.com/productcert/pdf/ssa-845392.pdf", }, { trust: 1.6, url: "https://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf", }, { trust: 1.6, url: "https://cert-portal.siemens.com/productcert/pdf/ssa-114589.pdf", }, { trust: 1.6, url: "https://cert-portal.siemens.com/productcert/pdf/ssa-223353.pdf", }, { trust: 1.6, url: "https://cert-portal.siemens.com/productcert/pdf/ssa-620288.pdf", }, { trust: 1, url: "https://cert-portal.siemens.com/productcert/html/ssa-044112.html", }, { trust: 1, url: "https://cert-portal.siemens.com/productcert/html/ssa-114589.html", }, { trust: 1, url: "https://cert-portal.siemens.com/productcert/html/ssa-223353.html", }, { trust: 1, url: "https://cert-portal.siemens.com/productcert/html/ssa-620288.html", }, { trust: 1, url: "https://cert-portal.siemens.com/productcert/html/ssa-845392.html", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2021111003", }, { trust: 0.6, url: "https://source.android.com/security/bulletin/2022-01-01", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2022.0094", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2021.3833", }, { trust: 0.6, url: "https://us-cert.cisa.gov/ics/advisories/icsa-22-069-02", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2021.3874", }, { trust: 0.6, url: "https://vigilance.fr/vulnerability/google-android-pixel-multiple-vulnerabilities-of-january-2022-37172", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2021.4289", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2022011803", }, { trust: 0.6, url: "https://us-cert.cisa.gov/ics/advisories/icsa-22-013-03", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2021121648", }, { trust: 0.6, url: "https://us-cert.cisa.gov/ics/advisories/icsa-21-315-07", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2022010910", }, { trust: 0.6, url: "https://us-cert.cisa.gov/ics/advisories/icsa-21-350-06", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2022031014", }, { trust: 0.6, url: "https://us-cert.cisa.gov/ics/advisories/icsa-21-313-03", }, ], sources: [ { db: "CNNVD", id: "CNNVD-202111-837", }, { db: "NVD", id: "CVE-2021-31889", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CNNVD", id: "CNNVD-202111-837", }, { db: "NVD", id: "CVE-2021-31889", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2021-11-09T00:00:00", db: "CNNVD", id: "CNNVD-202111-837", }, { date: "2021-11-09T12:15:09.693000", db: "NVD", id: "CVE-2021-31889", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2022-05-23T00:00:00", db: "CNNVD", id: "CNNVD-202111-837", }, { date: "2024-10-08T09:15:06.100000", db: "NVD", id: "CVE-2021-31889", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-202111-837", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Siemens Nucleus Digital error vulnerability", sources: [ { db: "CNNVD", id: "CNNVD-202111-837", }, ], trust: 0.6, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "digital error", sources: [ { db: "CNNVD", id: "CNNVD-202111-837", }, ], trust: 0.6, }, }
var-202104-1824
Vulnerability from variot
A vulnerability has been identified in APOGEE PXC Compact (BACnet) (All versions < V3.5.5), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.20), APOGEE PXC Modular (BACnet) (All versions < V3.5.5), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.20), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.3), Nucleus ReadyStart V4 (All versions < V4.1.0), Nucleus Source Code (Versions including affected DNS modules), SIMOTICS CONNECT 400 (All versions < V0.5.0.0), TALON TC Compact (BACnet) (All versions < V3.5.5), TALON TC Modular (BACnet) (All versions < V3.5.5). The DNS domain name record decompression functionality does not properly validate the pointer offset values. The parsing of malformed responses could result in a read access past the end of an allocated structure. An attacker with a privileged position in the network could leverage this vulnerability to cause a denial-of-service condition. SIMOTICS CONNECT 400 is a connector and sensor box installed on a low-voltage motor and provides analysis data for the MindSphere application SIDRIVE IQ Fleet.
Siemens SIMOTICS CONNECT 400 has a denial of service vulnerability. Attackers can use vulnerabilities to cause denial of service. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202104-1824", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "nucleus readystart v3", scope: "lt", trust: 1, vendor: "siemens", version: "2017.02.3", }, { model: "nucleus source code", scope: "eq", trust: 1, vendor: "siemens", version: null, }, { model: "simotics connect 400", scope: "lt", trust: 1, vendor: "siemens", version: "0.5.0.0", }, { model: "nucleus net", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "nucleus readystart v4", scope: "lt", trust: 1, vendor: "siemens", version: "4.1.0", }, { model: "simotics connect", scope: "eq", trust: 0.6, vendor: "siemens", version: "400<v0.5.0.0", }, ], sources: [ { db: "CNVD", id: "CNVD-2021-28705", }, { db: "NVD", id: "CVE-2020-27738", }, ], }, cve: "CVE-2020-27738", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", author: "nvd@nist.gov", availabilityImpact: "PARTIAL", baseScore: 5.8, confidentialityImpact: "PARTIAL", exploitabilityScore: 8.6, id: "CVE-2020-27738", impactScore: 4.9, integrityImpact: "NONE", severity: "MEDIUM", trust: 1, vectorString: "AV:N/AC:M/Au:N/C:P/I:N/A:P", version: "2.0", }, { accessComplexity: "HIGH", accessVector: "NETWORK", authentication: "NONE", author: "CNVD", availabilityImpact: "COMPLETE", baseScore: 6.1, confidentialityImpact: "PARTIAL", exploitabilityScore: 4.9, id: "CNVD-2021-28705", impactScore: 7.8, integrityImpact: "NONE", severity: "MEDIUM", trust: 0.6, vectorString: "AV:N/AC:H/Au:N/C:P/I:N/A:C", version: "2.0", }, { acInsufInfo: null, accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "VULMON", availabilityImpact: "PARTIAL", baseScore: 6.4, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "CVE-2020-27738", impactScore: 4.9, integrityImpact: "NONE", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "MEDIUM", trust: 0.1, userInteractionRequired: null, vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:P", version: "2.0", }, ], cvssV3: [ { attackComplexity: "HIGH", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "HIGH", baseScore: 7.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", exploitabilityScore: 2.2, id: "CVE-2020-27738", impactScore: 5.2, integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H", version: "3.1", }, { attackComplexity: "HIGH", attackVector: "NETWORK", author: "productcert@siemens.com", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", exploitabilityScore: 2.2, id: "CVE-2020-27738", impactScore: 4.2, integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H", version: "3.1", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2020-27738", trust: 1, value: "HIGH", }, { author: "productcert@siemens.com", id: "CVE-2020-27738", trust: 1, value: "MEDIUM", }, { author: "CNVD", id: "CNVD-2021-28705", trust: 0.6, value: "MEDIUM", }, { author: "CNNVD", id: "CNNVD-202104-975", trust: 0.6, value: "MEDIUM", }, { author: "CNNVD", id: "CNNVD-202104-934", trust: 0.6, value: "HIGH", }, { author: "VULMON", id: "CVE-2020-27738", trust: 0.1, value: "MEDIUM", }, ], }, ], sources: [ { db: "CNVD", id: "CNVD-2021-28705", }, { db: "VULMON", id: "CVE-2020-27738", }, { db: "CNNVD", id: "CNNVD-202104-975", }, { db: "CNNVD", id: "CNNVD-202104-934", }, { db: "NVD", id: "CVE-2020-27738", }, { db: "NVD", id: "CVE-2020-27738", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "A vulnerability has been identified in APOGEE PXC Compact (BACnet) (All versions < V3.5.5), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.20), APOGEE PXC Modular (BACnet) (All versions < V3.5.5), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.20), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.3), Nucleus ReadyStart V4 (All versions < V4.1.0), Nucleus Source Code (Versions including affected DNS modules), SIMOTICS CONNECT 400 (All versions < V0.5.0.0), TALON TC Compact (BACnet) (All versions < V3.5.5), TALON TC Modular (BACnet) (All versions < V3.5.5). The DNS domain name record decompression functionality does not properly validate the pointer offset values. The parsing of malformed responses could result in a read access past the end of an allocated structure. An attacker with a privileged position in the network could leverage this vulnerability to cause a denial-of-service condition. SIMOTICS CONNECT 400 is a connector and sensor box installed on a low-voltage motor and provides analysis data for the MindSphere application SIDRIVE IQ Fleet. \n\r\n\r\nSiemens SIMOTICS CONNECT 400 has a denial of service vulnerability. Attackers can use vulnerabilities to cause denial of service. Pillow is a Python-based image processing library. \nThere is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements", sources: [ { db: "NVD", id: "CVE-2020-27738", }, { db: "CNVD", id: "CNVD-2021-28705", }, { db: "CNNVD", id: "CNNVD-202104-975", }, { db: "VULMON", id: "CVE-2020-27738", }, ], trust: 2.07, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "SIEMENS", id: "SSA-669158", trust: 2.3, }, { db: "NVD", id: "CVE-2020-27738", trust: 2.3, }, { db: "SIEMENS", id: "SSA-705111", trust: 1.7, }, { db: "SIEMENS", id: "SSA-180579", trust: 1, }, { db: "CNVD", id: "CNVD-2021-28705", trust: 0.6, }, { db: "CS-HELP", id: "SB2021041363", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-202104-975", trust: 0.6, }, { db: "ICS CERT", id: "ICSA-21-103-13", trust: 0.6, }, { db: "CS-HELP", id: "SB2021041407", trust: 0.6, }, { db: "CS-HELP", id: "SB2021041515", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-202104-934", trust: 0.6, }, { db: "VULMON", id: "CVE-2020-27738", trust: 0.1, }, ], sources: [ { db: "CNVD", id: "CNVD-2021-28705", }, { db: "VULMON", id: "CVE-2020-27738", }, { db: "CNNVD", id: "CNNVD-202104-975", }, { db: "CNNVD", id: "CNNVD-202104-934", }, { db: "NVD", id: "CVE-2020-27738", }, ], }, id: "VAR-202104-1824", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "CNVD", id: "CNVD-2021-28705", }, ], trust: 1.1595598933333333, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "Network device", ], sub_category: null, trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2021-28705", }, ], }, last_update_date: "2024-11-23T21:31:31.460000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "Patch for Siemens SIMOTICS CONNECT 400 Denial of Service Vulnerability (CNVD-2021-28705)", trust: 0.6, url: "https://www.cnvd.org.cn/patchInfo/show/258576", }, { title: "Siemens Security Advisories: Siemens Security Advisory", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories&qid=53e7f522de1910b1af8f6f92fe53b3b1", }, { title: "Siemens Security Advisories: Siemens Security Advisory", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories&qid=8f932b97a970d1020015c1a82a730e96", }, ], sources: [ { db: "CNVD", id: "CNVD-2021-28705", }, { db: "VULMON", id: "CVE-2020-27738", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-119", trust: 1, }, { problemtype: "CWE-788", trust: 1, }, ], sources: [ { db: "NVD", id: "CVE-2020-27738", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 2.3, url: "https://cert-portal.siemens.com/productcert/pdf/ssa-669158.pdf", }, { trust: 1.7, url: "https://cert-portal.siemens.com/productcert/pdf/ssa-705111.pdf", }, { trust: 1, url: "https://cert-portal.siemens.com/productcert/pdf/ssa-180579.pdf", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2021041363", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2021041515", }, { trust: 0.6, url: "https://nvd.nist.gov/vuln/detail/cve-2020-27738", }, { trust: 0.6, url: "https://us-cert.cisa.gov/ics/advisories/icsa-21-103-13", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2021041407", }, { trust: 0.1, url: "https://cwe.mitre.org/data/definitions/119.html", }, { trust: 0.1, url: "https://nvd.nist.gov", }, { trust: 0.1, url: "https://cert-portal.siemens.com/productcert/txt/ssa-669158.txt", }, ], sources: [ { db: "CNVD", id: "CNVD-2021-28705", }, { db: "VULMON", id: "CVE-2020-27738", }, { db: "CNNVD", id: "CNNVD-202104-975", }, { db: "CNNVD", id: "CNNVD-202104-934", }, { db: "NVD", id: "CVE-2020-27738", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CNVD", id: "CNVD-2021-28705", }, { db: "VULMON", id: "CVE-2020-27738", }, { db: "CNNVD", id: "CNNVD-202104-975", }, { db: "CNNVD", id: "CNNVD-202104-934", }, { db: "NVD", id: "CVE-2020-27738", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2021-04-15T00:00:00", db: "CNVD", id: "CNVD-2021-28705", }, { date: "2021-04-22T00:00:00", db: "VULMON", id: "CVE-2020-27738", }, { date: "2021-04-13T00:00:00", db: "CNNVD", id: "CNNVD-202104-975", }, { date: "2021-04-13T00:00:00", db: "CNNVD", id: "CNNVD-202104-934", }, { date: "2021-04-22T21:15:09.313000", db: "NVD", id: "CVE-2020-27738", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2021-04-15T00:00:00", db: "CNVD", id: "CNVD-2021-28705", }, { date: "2021-04-30T00:00:00", db: "VULMON", id: "CVE-2020-27738", }, { date: "2021-04-14T00:00:00", db: "CNNVD", id: "CNNVD-202104-975", }, { date: "2022-01-12T00:00:00", db: "CNNVD", id: "CNNVD-202104-934", }, { date: "2024-11-21T05:21:43.600000", db: "NVD", id: "CVE-2020-27738", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-202104-934", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Siemens SIMOTICS CONNECT 400 Denial of Service Vulnerability (CNVD-2021-28705)", sources: [ { db: "CNVD", id: "CNVD-2021-28705", }, ], trust: 0.6, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "other", sources: [ { db: "CNNVD", id: "CNNVD-202104-975", }, ], trust: 0.6, }, }
var-202104-1828
Vulnerability from variot
A vulnerability has been identified in Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2013.08), Nucleus Source Code (Versions including affected DNS modules). The DNS client does not properly randomize UDP port numbers of DNS requests. That could allow an attacker to poison the DNS cache or spoof DNS resolving. The Nucleus NET module contains a series of standard-compliant network and communication protocols, drivers and utilities to provide full-featured network support in any embedded device. Nucleus RTOS provides a highly scalable microkernel-based real-time operating system designed for the scalability and reliability of systems in aerospace, industrial and medical applications. VSTAR is a complete AUTOSAR 4 based ECU solution that provides tools and embedded software for timely product deployment. Nucleus ReadyStart is a platform with integrated software IP, tools and services.
The DNS module of Siemens Nucleus products has security vulnerabilities. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202104-1828", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "nucleus source code", scope: "eq", trust: 1, vendor: "siemens", version: null, }, { model: "nucleus net", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "nucleus readystart v3", scope: "lt", trust: 1, vendor: "siemens", version: "2013.08", }, { model: "vstar", scope: null, trust: 0.6, vendor: "siemens", version: null, }, { model: "nucleus source code", scope: null, trust: 0.6, vendor: "siemens", version: null, }, { model: "nucleus rtos", scope: null, trust: 0.6, vendor: "siemens", version: null, }, { model: "nucleus net", scope: null, trust: 0.6, vendor: "siemens", version: null, }, { model: "nucleus readystart", scope: "lt", trust: 0.6, vendor: "siemens", version: "v2013.08", }, ], sources: [ { db: "CNVD", id: "CNVD-2021-28698", }, { db: "NVD", id: "CVE-2021-27393", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Siemens reported this vulnerability to CISA.", sources: [ { db: "CNNVD", id: "CNNVD-202104-921", }, ], trust: 0.6, }, cve: "CVE-2021-27393", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "nvd@nist.gov", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "NONE", exploitabilityScore: 10, id: "CVE-2021-27393", impactScore: 2.9, integrityImpact: "PARTIAL", severity: "MEDIUM", trust: 1.1, vectorString: "AV:N/AC:L/Au:N/C:N/I:P/A:N", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "CNVD", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "NONE", exploitabilityScore: 10, id: "CNVD-2021-28698", impactScore: 2.9, integrityImpact: "PARTIAL", severity: "MEDIUM", trust: 0.6, vectorString: "AV:N/AC:L/Au:N/C:N/I:P/A:N", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", exploitabilityScore: 3.9, id: "CVE-2021-27393", impactScore: 1.4, integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", version: "3.1", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2021-27393", trust: 1, value: "MEDIUM", }, { author: "CNVD", id: "CNVD-2021-28698", trust: 0.6, value: "MEDIUM", }, { author: "CNNVD", id: "CNNVD-202104-975", trust: 0.6, value: "MEDIUM", }, { author: "CNNVD", id: "CNNVD-202104-921", trust: 0.6, value: "MEDIUM", }, { author: "VULMON", id: "CVE-2021-27393", trust: 0.1, value: "MEDIUM", }, ], }, ], sources: [ { db: "CNVD", id: "CNVD-2021-28698", }, { db: "VULMON", id: "CVE-2021-27393", }, { db: "CNNVD", id: "CNNVD-202104-975", }, { db: "CNNVD", id: "CNNVD-202104-921", }, { db: "NVD", id: "CVE-2021-27393", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "A vulnerability has been identified in Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2013.08), Nucleus Source Code (Versions including affected DNS modules). The DNS client does not properly randomize UDP port numbers of DNS requests. That could allow an attacker to poison the DNS cache or spoof DNS resolving. The Nucleus NET module contains a series of standard-compliant network and communication protocols, drivers and utilities to provide full-featured network support in any embedded device. Nucleus RTOS provides a highly scalable microkernel-based real-time operating system designed for the scalability and reliability of systems in aerospace, industrial and medical applications. VSTAR is a complete AUTOSAR 4 based ECU solution that provides tools and embedded software for timely product deployment. Nucleus ReadyStart is a platform with integrated software IP, tools and services. \n\r\n\r\nThe DNS module of Siemens Nucleus products has security vulnerabilities. Pillow is a Python-based image processing library. \nThere is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements", sources: [ { db: "NVD", id: "CVE-2021-27393", }, { db: "CNVD", id: "CNVD-2021-28698", }, { db: "CNNVD", id: "CNNVD-202104-975", }, { db: "VULMON", id: "CVE-2021-27393", }, ], trust: 2.07, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "SIEMENS", id: "SSA-201384", trust: 2.3, }, { db: "NVD", id: "CVE-2021-27393", trust: 2.3, }, { db: "CNVD", id: "CNVD-2021-28698", trust: 0.6, }, { db: "CS-HELP", id: "SB2021041363", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-202104-975", trust: 0.6, }, { db: "ICS CERT", id: "ICSA-21-103-14", trust: 0.6, }, { db: "CS-HELP", id: "SB2021041408", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-202104-921", trust: 0.6, }, { db: "VULMON", id: "CVE-2021-27393", trust: 0.1, }, ], sources: [ { db: "CNVD", id: "CNVD-2021-28698", }, { db: "VULMON", id: "CVE-2021-27393", }, { db: "CNNVD", id: "CNNVD-202104-975", }, { db: "CNNVD", id: "CNNVD-202104-921", }, { db: "NVD", id: "CVE-2021-27393", }, ], }, id: "VAR-202104-1828", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "CNVD", id: "CNVD-2021-28698", }, ], trust: 1.1225228600000001, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "ICS", ], sub_category: null, trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2021-28698", }, ], }, last_update_date: "2024-11-23T21:14:20.608000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "Patch for Siemens Nucleus product DNS module can predict UDP port number vulnerability", trust: 0.6, url: "https://www.cnvd.org.cn/patchInfo/show/258426", }, { title: "Siemens Security Advisories: Siemens Security Advisory", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories&qid=05c4bed0fc8868101fc6066abbc9f1a5", }, ], sources: [ { db: "CNVD", id: "CNVD-2021-28698", }, { db: "VULMON", id: "CVE-2021-27393", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-330", trust: 1, }, ], sources: [ { db: "NVD", id: "CVE-2021-27393", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 2.3, url: "https://cert-portal.siemens.com/productcert/pdf/ssa-201384.pdf", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2021041363", }, { trust: 0.6, url: "https://us-cert.cisa.gov/ics/advisories/icsa-21-103-14", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2021041408", }, { trust: 0.6, url: "https://nvd.nist.gov/vuln/detail/cve-2021-27393", }, { trust: 0.1, url: "https://cwe.mitre.org/data/definitions/330.html", }, { trust: 0.1, url: "https://nvd.nist.gov", }, { trust: 0.1, url: "https://cert-portal.siemens.com/productcert/txt/ssa-201384.txt", }, ], sources: [ { db: "CNVD", id: "CNVD-2021-28698", }, { db: "VULMON", id: "CVE-2021-27393", }, { db: "CNNVD", id: "CNNVD-202104-975", }, { db: "CNNVD", id: "CNNVD-202104-921", }, { db: "NVD", id: "CVE-2021-27393", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CNVD", id: "CNVD-2021-28698", }, { db: "VULMON", id: "CVE-2021-27393", }, { db: "CNNVD", id: "CNNVD-202104-975", }, { db: "CNNVD", id: "CNNVD-202104-921", }, { db: "NVD", id: "CVE-2021-27393", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2021-04-15T00:00:00", db: "CNVD", id: "CNVD-2021-28698", }, { date: "2021-04-22T00:00:00", db: "VULMON", id: "CVE-2021-27393", }, { date: "2021-04-13T00:00:00", db: "CNNVD", id: "CNNVD-202104-975", }, { date: "2021-04-13T00:00:00", db: "CNNVD", id: "CNNVD-202104-921", }, { date: "2021-04-22T21:15:10.393000", db: "NVD", id: "CVE-2021-27393", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2021-04-15T00:00:00", db: "CNVD", id: "CNVD-2021-28698", }, { date: "2021-04-30T00:00:00", db: "VULMON", id: "CVE-2021-27393", }, { date: "2021-04-14T00:00:00", db: "CNNVD", id: "CNNVD-202104-975", }, { date: "2022-01-14T00:00:00", db: "CNNVD", id: "CNNVD-202104-921", }, { date: "2024-11-21T05:57:54.343000", db: "NVD", id: "CVE-2021-27393", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-202104-921", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Siemens Nucleus product DNS module can predict UDP port number vulnerability", sources: [ { db: "CNVD", id: "CNVD-2021-28698", }, ], trust: 0.6, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "other", sources: [ { db: "CNNVD", id: "CNNVD-202104-975", }, ], trust: 0.6, }, }
var-202104-1925
Vulnerability from variot
A vulnerability has been identified in Capital Embedded AR Classic 431-422 (All versions), Capital Embedded AR Classic R20-11 (All versions < V2303), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.4), Nucleus ReadyStart V4 (All versions < V4.1.0), Nucleus Source Code (All versions including affected IPv6 stack). The function that processes IPv6 headers does not check the lengths of extension header options, allowing attackers to put this function into an infinite loop with crafted length values. The Nucleus NET module contains a series of standard-compliant network and communication protocols, drivers and utilities to provide full-featured network support in any embedded device. Nucleus RTOS provides a highly scalable microkernel-based real-time operating system designed for the scalability and reliability of systems in aerospace, industrial and medical applications. VSTAR is a complete AUTOSAR 4 based ECU solution that provides tools and embedded software for timely product deployment. Nucleus ReadyStart is a platform with integrated software IP, tools and services.
Siemens Nucleus products have security vulnerabilities. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202104-1925", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "nucleus readystart", scope: "lt", trust: 1, vendor: "siemens", version: "4.1.0", }, { model: "nucleus source code", scope: "eq", trust: 1, vendor: "siemens", version: null, }, { model: "nucleus readystart", scope: "lt", trust: 1, vendor: "siemens", version: "2017.02.4", }, { model: "capital vstar", scope: "eq", trust: 1, vendor: "siemens", version: null, }, { model: "nucleus net", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "vstar", scope: null, trust: 0.6, vendor: "siemens", version: null, }, { model: "nucleus source code", scope: null, trust: 0.6, vendor: "siemens", version: null, }, { model: "nucleus net", scope: null, trust: 0.6, vendor: "siemens", version: null, }, { model: "nucleus readystart", scope: null, trust: 0.6, vendor: "siemens", version: null, }, { model: "nucleus", scope: "eq", trust: 0.6, vendor: "siemens", version: "4<v4.1.0", }, ], sources: [ { db: "CNVD", id: "CNVD-2021-28697", }, { db: "NVD", id: "CVE-2021-25663", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Siemens reported these vulnerabilities to CISA.", sources: [ { db: "CNNVD", id: "CNNVD-202104-995", }, ], trust: 0.6, }, cve: "CVE-2021-25663", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "nvd@nist.gov", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", exploitabilityScore: 10, id: "CVE-2021-25663", impactScore: 2.9, integrityImpact: "NONE", severity: "MEDIUM", trust: 1.1, vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "CNVD", availabilityImpact: "COMPLETE", baseScore: 7.8, confidentialityImpact: "NONE", exploitabilityScore: 10, id: "CNVD-2021-28697", impactScore: 6.9, integrityImpact: "NONE", severity: "HIGH", trust: 0.6, vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:C", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", exploitabilityScore: 3.9, id: "CVE-2021-25663", impactScore: 3.6, integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 2, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2021-25663", trust: 1, value: "HIGH", }, { author: "productcert@siemens.com", id: "CVE-2021-25663", trust: 1, value: "HIGH", }, { author: "CNVD", id: "CNVD-2021-28697", trust: 0.6, value: "HIGH", }, { author: "CNNVD", id: "CNNVD-202104-975", trust: 0.6, value: "MEDIUM", }, { author: "CNNVD", id: "CNNVD-202104-995", trust: 0.6, value: "HIGH", }, { author: "VULMON", id: "CVE-2021-25663", trust: 0.1, value: "MEDIUM", }, ], }, ], sources: [ { db: "CNVD", id: "CNVD-2021-28697", }, { db: "VULMON", id: "CVE-2021-25663", }, { db: "CNNVD", id: "CNNVD-202104-975", }, { db: "CNNVD", id: "CNNVD-202104-995", }, { db: "NVD", id: "CVE-2021-25663", }, { db: "NVD", id: "CVE-2021-25663", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "A vulnerability has been identified in Capital Embedded AR Classic 431-422 (All versions), Capital Embedded AR Classic R20-11 (All versions < V2303), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.4), Nucleus ReadyStart V4 (All versions < V4.1.0), Nucleus Source Code (All versions including affected IPv6 stack). The function that processes IPv6 headers does not check the lengths of extension header options, allowing attackers to put this function into an infinite loop with crafted length values. The Nucleus NET module contains a series of standard-compliant network and communication protocols, drivers and utilities to provide full-featured network support in any embedded device. Nucleus RTOS provides a highly scalable microkernel-based real-time operating system designed for the scalability and reliability of systems in aerospace, industrial and medical applications. VSTAR is a complete AUTOSAR 4 based ECU solution that provides tools and embedded software for timely product deployment. Nucleus ReadyStart is a platform with integrated software IP, tools and services. \n\r\n\r\nSiemens Nucleus products have security vulnerabilities. Pillow is a Python-based image processing library. \nThere is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements", sources: [ { db: "NVD", id: "CVE-2021-25663", }, { db: "CNVD", id: "CNVD-2021-28697", }, { db: "CNNVD", id: "CNNVD-202104-975", }, { db: "VULMON", id: "CVE-2021-25663", }, ], trust: 2.07, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "SIEMENS", id: "SSA-248289", trust: 2.3, }, { db: "NVD", id: "CVE-2021-25663", trust: 2.3, }, { db: "ICS CERT", id: "ICSA-21-103-05", trust: 1.7, }, { db: "CNVD", id: "CNVD-2021-28697", trust: 0.6, }, { db: "CS-HELP", id: "SB2021041363", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-202104-975", trust: 0.6, }, { db: "CS-HELP", id: "SB2021041414", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2021.1245", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-202104-995", trust: 0.6, }, { db: "VULMON", id: "CVE-2021-25663", trust: 0.1, }, ], sources: [ { db: "CNVD", id: "CNVD-2021-28697", }, { db: "VULMON", id: "CVE-2021-25663", }, { db: "CNNVD", id: "CNNVD-202104-975", }, { db: "CNNVD", id: "CNNVD-202104-995", }, { db: "NVD", id: "CVE-2021-25663", }, ], }, id: "VAR-202104-1925", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "CNVD", id: "CNVD-2021-28697", }, ], trust: 1.1225228600000001, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "ICS", ], sub_category: null, trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2021-28697", }, ], }, last_update_date: "2024-11-23T20:09:48.510000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "Patch for Siemens Nucleus product IPv6 stack denial of service vulnerability", trust: 0.6, url: "https://www.cnvd.org.cn/patchInfo/show/258466", }, { title: "siemens Nucleus Security vulnerabilities", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=147375", }, { title: "Siemens Security Advisories: Siemens Security Advisory", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories&qid=2e667a20dc904cea13ad0154c0461a55", }, ], sources: [ { db: "CNVD", id: "CNVD-2021-28697", }, { db: "VULMON", id: "CVE-2021-25663", }, { db: "CNNVD", id: "CNNVD-202104-995", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-835", trust: 1, }, ], sources: [ { db: "NVD", id: "CVE-2021-25663", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 2.3, url: "https://cert-portal.siemens.com/productcert/pdf/ssa-248289.pdf", }, { trust: 2.3, url: "https://us-cert.cisa.gov/ics/advisories/icsa-21-103-05", }, { trust: 1, url: "https://cert-portal.siemens.com/productcert/html/ssa-248289.html", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2021041363", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2021041414", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2021.1245", }, { trust: 0.6, url: "https://nvd.nist.gov/vuln/detail/cve-2021-25663", }, { trust: 0.1, url: "https://cwe.mitre.org/data/definitions/835.html", }, { trust: 0.1, url: "https://nvd.nist.gov", }, { trust: 0.1, url: "https://cert-portal.siemens.com/productcert/txt/ssa-248289.txt", }, ], sources: [ { db: "CNVD", id: "CNVD-2021-28697", }, { db: "VULMON", id: "CVE-2021-25663", }, { db: "CNNVD", id: "CNNVD-202104-975", }, { db: "CNNVD", id: "CNNVD-202104-995", }, { db: "NVD", id: "CVE-2021-25663", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CNVD", id: "CNVD-2021-28697", }, { db: "VULMON", id: "CVE-2021-25663", }, { db: "CNNVD", id: "CNNVD-202104-975", }, { db: "CNNVD", id: "CNNVD-202104-995", }, { db: "NVD", id: "CVE-2021-25663", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2021-04-15T00:00:00", db: "CNVD", id: "CNVD-2021-28697", }, { date: "2021-04-22T00:00:00", db: "VULMON", id: "CVE-2021-25663", }, { date: "2021-04-13T00:00:00", db: "CNNVD", id: "CNNVD-202104-975", }, { date: "2021-04-13T00:00:00", db: "CNNVD", id: "CNNVD-202104-995", }, { date: "2021-04-22T21:15:09.957000", db: "NVD", id: "CVE-2021-25663", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2021-04-15T00:00:00", db: "CNVD", id: "CNVD-2021-28697", }, { date: "2021-04-30T00:00:00", db: "VULMON", id: "CVE-2021-25663", }, { date: "2021-04-14T00:00:00", db: "CNNVD", id: "CNNVD-202104-975", }, { date: "2021-11-18T00:00:00", db: "CNNVD", id: "CNNVD-202104-995", }, { date: "2024-11-21T05:55:14.813000", db: "NVD", id: "CVE-2021-25663", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-202104-995", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Siemens Nucleus product IPv6 stack denial of service vulnerability", sources: [ { db: "CNVD", id: "CNVD-2021-28697", }, ], trust: 0.6, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "other", sources: [ { db: "CNNVD", id: "CNNVD-202104-975", }, { db: "CNNVD", id: "CNNVD-202104-995", }, ], trust: 1.2, }, }
var-202111-1609
Vulnerability from variot
A vulnerability has been identified in Capital Embedded AR Classic 431-422 (All versions), Capital Embedded AR Classic R20-11 (All versions < V2303). The DHCP client application does not validate the length of the Domain Name Server IP option(s) (0x06) when processing DHCP ACK packets. This may lead to Denial-of-Service conditions. (FSMD-2021-0011)
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202111-1609", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "apogee modular building controller", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "talon tc compact", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "apogee pxc compact", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "nucleus net", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "nucleus source code", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "apogee pxc modular", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "talon tc modular", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "capital vstar", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "nucleus readystart v3", scope: "lt", trust: 1, vendor: "siemens", version: "2017.02.1", }, { model: "apogee modular equiment controller", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, ], sources: [ { db: "NVD", id: "CVE-2021-31882", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Siemens reported these vulnerabilities to CISA.", sources: [ { db: "CNNVD", id: "CNNVD-202111-850", }, ], trust: 0.6, }, cve: "CVE-2021-31882", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "nvd@nist.gov", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", exploitabilityScore: 10, id: "CVE-2021-31882", impactScore: 2.9, integrityImpact: "NONE", severity: "MEDIUM", trust: 1, vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", exploitabilityScore: 3.9, id: "CVE-2021-31882", impactScore: 3.6, integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, { attackComplexity: "LOW", attackVector: "ADJACENT", author: "productcert@siemens.com", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", exploitabilityScore: 2.8, id: "CVE-2021-31882", impactScore: 3.6, integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2021-31882", trust: 1, value: "HIGH", }, { author: "productcert@siemens.com", id: "CVE-2021-31882", trust: 1, value: "MEDIUM", }, { author: "CNNVD", id: "CNNVD-202111-850", trust: 0.6, value: "HIGH", }, ], }, ], sources: [ { db: "CNNVD", id: "CNNVD-202111-850", }, { db: "NVD", id: "CVE-2021-31882", }, { db: "NVD", id: "CVE-2021-31882", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "A vulnerability has been identified in Capital Embedded AR Classic 431-422 (All versions), Capital Embedded AR Classic R20-11 (All versions < V2303). The DHCP client application does not validate the length of the Domain Name Server IP option(s) (0x06) when processing DHCP ACK packets. This may lead to Denial-of-Service conditions. (FSMD-2021-0011)", sources: [ { db: "NVD", id: "CVE-2021-31882", }, ], trust: 1, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "SIEMENS", id: "SSA-114589", trust: 1.6, }, { db: "SIEMENS", id: "SSA-620288", trust: 1.6, }, { db: "SIEMENS", id: "SSA-044112", trust: 1.6, }, { db: "NVD", id: "CVE-2021-31882", trust: 1.6, }, { db: "ICS CERT", id: "ICSA-21-350-06", trust: 0.6, }, { db: "ICS CERT", id: "ICSA-21-313-03", trust: 0.6, }, { db: "ICS CERT", id: "ICSA-21-315-07", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2021.3874", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2021.4289", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2021.3833", trust: 0.6, }, { db: "CS-HELP", id: "SB2021111003", trust: 0.6, }, { db: "CS-HELP", id: "SB2021121648", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-202111-850", trust: 0.6, }, ], sources: [ { db: "CNNVD", id: "CNNVD-202111-850", }, { db: "NVD", id: "CVE-2021-31882", }, ], }, id: "VAR-202111-1609", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VARIoT devices database", id: null, }, ], trust: 0.544069276, }, last_update_date: "2024-10-08T21:17:07.111000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "Siemens Nucleus ReadyStart Buffer error vulnerability fix", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=174358", }, ], sources: [ { db: "CNNVD", id: "CNNVD-202111-850", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-119", trust: 1, }, ], sources: [ { db: "NVD", id: "CVE-2021-31882", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 1.6, url: "https://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf", }, { trust: 1.6, url: "https://cert-portal.siemens.com/productcert/pdf/ssa-114589.pdf", }, { trust: 1.6, url: "https://cert-portal.siemens.com/productcert/pdf/ssa-620288.pdf", }, { trust: 1, url: "https://cert-portal.siemens.com/productcert/html/ssa-044112.html", }, { trust: 1, url: "https://cert-portal.siemens.com/productcert/html/ssa-114589.html", }, { trust: 1, url: "https://cert-portal.siemens.com/productcert/html/ssa-620288.html", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2021111003", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2021.3874", }, { trust: 0.6, url: "https://nvd.nist.gov/vuln/detail/cve-2021-31882", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2021.4289", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2021121648", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2021.3833", }, { trust: 0.6, url: "https://us-cert.cisa.gov/ics/advisories/icsa-21-315-07", }, { trust: 0.6, url: "https://us-cert.cisa.gov/ics/advisories/icsa-21-350-06", }, { trust: 0.6, url: "https://us-cert.cisa.gov/ics/advisories/icsa-21-313-03", }, ], sources: [ { db: "CNNVD", id: "CNNVD-202111-850", }, { db: "NVD", id: "CVE-2021-31882", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CNNVD", id: "CNNVD-202111-850", }, { db: "NVD", id: "CVE-2021-31882", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2021-11-09T00:00:00", db: "CNNVD", id: "CNNVD-202111-850", }, { date: "2021-11-09T12:15:09.317000", db: "NVD", id: "CVE-2021-31882", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2022-05-23T00:00:00", db: "CNNVD", id: "CNNVD-202111-850", }, { date: "2024-10-08T09:15:05.170000", db: "NVD", id: "CVE-2021-31882", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-202111-850", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Siemens Nucleus Buffer error vulnerability", sources: [ { db: "CNNVD", id: "CNNVD-202111-850", }, ], trust: 0.6, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "buffer error", sources: [ { db: "CNNVD", id: "CNNVD-202111-850", }, ], trust: 0.6, }, }
var-202104-1839
Vulnerability from variot
A vulnerability has been identified in APOGEE PXC Compact (BACnet) (All versions < V3.5.5), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.20), APOGEE PXC Modular (BACnet) (All versions < V3.5.5), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.20), Nucleus NET (All versions < V5.2), Nucleus Source Code (Versions including affected DNS modules), TALON TC Compact (BACnet) (All versions < V3.5.5), TALON TC Modular (BACnet) (All versions < V3.5.5). The DNS domain name label parsing functionality does not properly validate the names in DNS-responses. The parsing of malformed responses could result in a write past the end of an allocated structure. An attacker with a privileged position in the network could leverage this vulnerability to execute code in the context of the current process or cause a denial-of-service condition. The Nucleus NET module contains a series of standard-compliant network and communication protocols, drivers and utilities to provide full-featured network support in any embedded device.
Siemens Nucleus products have cross-border write vulnerabilities. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202104-1839", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "nucleus net", scope: "lt", trust: 1, vendor: "siemens", version: "5.2", }, { model: "nucleus source code", scope: "eq", trust: 1, vendor: "siemens", version: null, }, { model: "nucleus net", scope: "lt", trust: 0.6, vendor: "siemens", version: "v5.2", }, { model: "nucleus rtos", scope: null, trust: 0.6, vendor: "siemens", version: null, }, { model: "nucleus source code", scope: null, trust: 0.6, vendor: "siemens", version: null, }, { model: "vstar", scope: null, trust: 0.6, vendor: "siemens", version: null, }, ], sources: [ { db: "CNVD", id: "CNVD-2021-28702", }, { db: "NVD", id: "CVE-2020-15795", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Daniel dos Santos, from Forescout Technologies, and Siemens reported these vulnerabilities to CISA.", sources: [ { db: "CNNVD", id: "CNNVD-202104-998", }, ], trust: 0.6, }, cve: "CVE-2020-15795", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", author: "nvd@nist.gov", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", exploitabilityScore: 8.6, id: "CVE-2020-15795", impactScore: 6.4, integrityImpact: "PARTIAL", severity: "MEDIUM", trust: 1.1, vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, { accessComplexity: "HIGH", accessVector: "NETWORK", authentication: "NONE", author: "CNVD", availabilityImpact: "COMPLETE", baseScore: 7.6, confidentialityImpact: "COMPLETE", exploitabilityScore: 4.9, id: "CNVD-2021-28702", impactScore: 10, integrityImpact: "COMPLETE", severity: "HIGH", trust: 0.6, vectorString: "AV:N/AC:H/Au:N/C:C/I:C/A:C", version: "2.0", }, ], cvssV3: [ { attackComplexity: "HIGH", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", exploitabilityScore: 2.2, id: "CVE-2020-15795", impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 2, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2020-15795", trust: 1, value: "HIGH", }, { author: "productcert@siemens.com", id: "CVE-2020-15795", trust: 1, value: "HIGH", }, { author: "CNVD", id: "CNVD-2021-28702", trust: 0.6, value: "HIGH", }, { author: "CNNVD", id: "CNNVD-202104-975", trust: 0.6, value: "MEDIUM", }, { author: "CNNVD", id: "CNNVD-202104-998", trust: 0.6, value: "HIGH", }, { author: "VULMON", id: "CVE-2020-15795", trust: 0.1, value: "MEDIUM", }, ], }, ], sources: [ { db: "CNVD", id: "CNVD-2021-28702", }, { db: "VULMON", id: "CVE-2020-15795", }, { db: "CNNVD", id: "CNNVD-202104-975", }, { db: "CNNVD", id: "CNNVD-202104-998", }, { db: "NVD", id: "CVE-2020-15795", }, { db: "NVD", id: "CVE-2020-15795", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "A vulnerability has been identified in APOGEE PXC Compact (BACnet) (All versions < V3.5.5), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.20), APOGEE PXC Modular (BACnet) (All versions < V3.5.5), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.20), Nucleus NET (All versions < V5.2), Nucleus Source Code (Versions including affected DNS modules), TALON TC Compact (BACnet) (All versions < V3.5.5), TALON TC Modular (BACnet) (All versions < V3.5.5). The DNS domain name label parsing functionality does not properly validate the names in DNS-responses. The parsing of malformed responses could result in a write past the end of an allocated structure. An attacker with a privileged position in the network could leverage this vulnerability to execute code in the context of the current process or cause a denial-of-service condition. The Nucleus NET module contains a series of standard-compliant network and communication protocols, drivers and utilities to provide full-featured network support in any embedded device. \n\r\n\r\nSiemens Nucleus products have cross-border write vulnerabilities. Pillow is a Python-based image processing library. \nThere is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements", sources: [ { db: "NVD", id: "CVE-2020-15795", }, { db: "CNVD", id: "CNVD-2021-28702", }, { db: "CNNVD", id: "CNNVD-202104-975", }, { db: "VULMON", id: "CVE-2020-15795", }, ], trust: 2.07, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "SIEMENS", id: "SSA-185699", trust: 2.3, }, { db: "NVD", id: "CVE-2020-15795", trust: 2.3, }, { db: "SIEMENS", id: "SSA-180579", trust: 1, }, { db: "ICS CERT", id: "ICSA-21-103-04", trust: 0.7, }, { db: "CNVD", id: "CNVD-2021-28702", trust: 0.6, }, { db: "CS-HELP", id: "SB2021041363", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-202104-975", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2021.1246", trust: 0.6, }, { db: "CS-HELP", id: "SB2021041409", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-202104-998", trust: 0.6, }, { db: "VULMON", id: "CVE-2020-15795", trust: 0.1, }, ], sources: [ { db: "CNVD", id: "CNVD-2021-28702", }, { db: "VULMON", id: "CVE-2020-15795", }, { db: "CNNVD", id: "CNNVD-202104-975", }, { db: "CNNVD", id: "CNNVD-202104-998", }, { db: "NVD", id: "CVE-2020-15795", }, ], }, id: "VAR-202104-1839", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "CNVD", id: "CNVD-2021-28702", }, ], trust: 1.1225228600000001, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "ICS", ], sub_category: null, trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2021-28702", }, ], }, last_update_date: "2024-11-23T20:50:54.505000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "siemens Nucleus Buffer error vulnerability fix", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=148259", }, { title: "Siemens Security Advisories: Siemens Security Advisory", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories&qid=01a7c311af93ac6e3744c16b5c159592", }, ], sources: [ { db: "VULMON", id: "CVE-2020-15795", }, { db: "CNNVD", id: "CNNVD-202104-998", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-787", trust: 1, }, ], sources: [ { db: "NVD", id: "CVE-2020-15795", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 2.3, url: "https://cert-portal.siemens.com/productcert/pdf/ssa-185699.pdf", }, { trust: 1.3, url: "https://us-cert.cisa.gov/ics/advisories/icsa-21-103-04", }, { trust: 1, url: "https://cert-portal.siemens.com/productcert/pdf/ssa-180579.pdf", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2021041363", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2021.1246", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2021041409", }, { trust: 0.6, url: "https://nvd.nist.gov/vuln/detail/cve-2020-15795", }, { trust: 0.1, url: "https://cwe.mitre.org/data/definitions/787.html", }, { trust: 0.1, url: "https://nvd.nist.gov", }, { trust: 0.1, url: "https://cert-portal.siemens.com/productcert/txt/ssa-185699.txt", }, ], sources: [ { db: "CNVD", id: "CNVD-2021-28702", }, { db: "VULMON", id: "CVE-2020-15795", }, { db: "CNNVD", id: "CNNVD-202104-975", }, { db: "CNNVD", id: "CNNVD-202104-998", }, { db: "NVD", id: "CVE-2020-15795", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CNVD", id: "CNVD-2021-28702", }, { db: "VULMON", id: "CVE-2020-15795", }, { db: "CNNVD", id: "CNNVD-202104-975", }, { db: "CNNVD", id: "CNNVD-202104-998", }, { db: "NVD", id: "CVE-2020-15795", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2021-04-15T00:00:00", db: "CNVD", id: "CNVD-2021-28702", }, { date: "2021-04-22T00:00:00", db: "VULMON", id: "CVE-2020-15795", }, { date: "2021-04-13T00:00:00", db: "CNNVD", id: "CNNVD-202104-975", }, { date: "2021-04-13T00:00:00", db: "CNNVD", id: "CNNVD-202104-998", }, { date: "2021-04-22T21:15:09.090000", db: "NVD", id: "CVE-2020-15795", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2021-04-19T00:00:00", db: "CNVD", id: "CNVD-2021-28702", }, { date: "2021-04-30T00:00:00", db: "VULMON", id: "CVE-2020-15795", }, { date: "2021-04-14T00:00:00", db: "CNNVD", id: "CNNVD-202104-975", }, { date: "2022-01-12T00:00:00", db: "CNNVD", id: "CNNVD-202104-998", }, { date: "2024-11-21T05:06:11.743000", db: "NVD", id: "CVE-2020-15795", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-202104-998", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Siemens Nucleus product out-of-bounds write vulnerability", sources: [ { db: "CNVD", id: "CNVD-2021-28702", }, ], trust: 0.6, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "other", sources: [ { db: "CNNVD", id: "CNNVD-202104-975", }, ], trust: 0.6, }, }
var-202210-0537
Vulnerability from variot
A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC) (P2 Ethernet) (All versions), APOGEE MEC (PPC) (BACnet) (All versions), APOGEE MEC (PPC) (P2 Ethernet) (All versions), APOGEE PXC Compact (BACnet) (All versions < V3.5.7), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.21), APOGEE PXC Modular (BACnet) (All versions < V3.5.7), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.21), Desigo PXC00-E.D (All versions >= V2.3), Desigo PXC00-U (All versions >= V2.3), Desigo PXC001-E.D (All versions >= V2.3), Desigo PXC100-E.D (All versions >= V2.3), Desigo PXC12-E.D (All versions >= V2.3), Desigo PXC128-U (All versions >= V2.3), Desigo PXC200-E.D (All versions >= V2.3), Desigo PXC22-E.D (All versions >= V2.3), Desigo PXC22.1-E.D (All versions >= V2.3), Desigo PXC36.1-E.D (All versions >= V2.3), Desigo PXC50-E.D (All versions >= V2.3), Desigo PXC64-U (All versions >= V2.3), Desigo PXM20-E (All versions >= V2.3), Nucleus NET for Nucleus PLUS V1 (All versions < V5.2a), Nucleus NET for Nucleus PLUS V2 (All versions < V5.4), Nucleus ReadyStart V3 V2012 (All versions < V2012.08.1), Nucleus ReadyStart V3 V2017 (All versions < V2017.02.4), Nucleus Source Code (All versions including affected FTP server), TALON TC Compact (BACnet) (All versions < V3.5.7), TALON TC Modular (BACnet) (All versions < V3.5.7). The FTP server does not properly release memory resources that were reserved for incomplete connection attempts by FTP clients. This could allow a remote attacker to generate a denial of service condition on devices that incorporate a vulnerable version of the FTP server. Nucleus NET , Nucleus ReadyStart V3 , Nucleus Source Code A resource exhaustion vulnerability exists in several Siemens products.Service operation interruption (DoS) It may be in a state
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202210-0537", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "apogee modular equiment controller", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "desigo pxc36.1-e.d", scope: "lte", trust: 1, vendor: "siemens", version: "2.3", }, { model: "desigo pxc200-e.d", scope: "lte", trust: 1, vendor: "siemens", version: "2.3", }, { model: "apogee modular building controller", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "desigo pxc22.1-e.d", scope: "lte", trust: 1, vendor: "siemens", version: "2.3", }, { model: "desigo pxc001-e.d", scope: "lte", trust: 1, vendor: "siemens", version: "2.3", }, { model: "nucleus readystart v3", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "desigo pxc64-u", scope: "lte", trust: 1, vendor: "siemens", version: "2.3", }, { model: "talon tc compact", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "desigo pxc00-e.d", scope: "lte", trust: 1, vendor: "siemens", version: "2.3", }, { model: "nucleus net", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "apogee pxc compact", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "desigo pxc12-e.d", scope: "lte", trust: 1, vendor: "siemens", version: "2.3", }, { model: "desigo pxc50-e.d", scope: "lte", trust: 1, vendor: "siemens", version: "2.3", }, { model: "desigo pxc128-u", scope: "lte", trust: 1, vendor: "siemens", version: "2.3", }, { model: "desigo pxc00-u", scope: "lte", trust: 1, vendor: "siemens", version: "2.3", }, { model: "apogee pxc modular", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "nucleus source code", scope: "eq", trust: 1, vendor: "siemens", version: null, }, { model: "desigo pxm20-e", scope: "lte", trust: 1, vendor: "siemens", version: "2.3", }, { model: "desigo pxc100-e.d", scope: "lte", trust: 1, vendor: "siemens", version: "2.3", }, { model: "desigo pxc22-e.d", scope: "lte", trust: 1, vendor: "siemens", version: "2.3", }, { model: "apogee pxc compact", scope: null, trust: 0.8, vendor: "シーメンス", version: null, }, { model: "desigo pxc001-e.d", scope: null, trust: 0.8, vendor: "シーメンス", version: null, }, { model: "desigo pxc12-e.d", scope: null, trust: 0.8, vendor: "シーメンス", version: null, }, { model: "apogee modular building controller", scope: null, trust: 0.8, vendor: "シーメンス", version: null, }, { model: "apogee modular equiment controller", scope: null, trust: 0.8, vendor: "シーメンス", version: null, }, { model: "desigo pxm20-e", scope: null, trust: 0.8, vendor: "シーメンス", version: null, }, { model: "desigo pxc00-e.d", scope: null, trust: 0.8, vendor: "シーメンス", version: null, }, { model: "desigo pxc64-u", scope: null, trust: 0.8, vendor: "シーメンス", version: null, }, { model: "desigo pxc36.1-e.d", scope: null, trust: 0.8, vendor: "シーメンス", version: null, }, { model: "desigo pxc00-u", scope: null, trust: 0.8, vendor: "シーメンス", version: null, }, { model: "desigo pxc22.1-e.d", scope: null, trust: 0.8, vendor: "シーメンス", version: null, }, { model: "desigo pxc22-e.d", scope: null, trust: 0.8, vendor: "シーメンス", version: null, }, { model: "apogee pxc modular", scope: null, trust: 0.8, vendor: "シーメンス", version: null, }, { model: "nucleus net", scope: null, trust: 0.8, vendor: "シーメンス", version: null, }, { model: "nucleus source code", scope: null, trust: 0.8, vendor: "シーメンス", version: null, }, { model: "desigo pxc50-e.d", scope: null, trust: 0.8, vendor: "シーメンス", version: null, }, { model: "nucleus readystart v3", scope: null, trust: 0.8, vendor: "シーメンス", version: null, }, { model: "desigo pxc200-e.d", scope: null, trust: 0.8, vendor: "シーメンス", version: null, }, { model: "desigo pxc128-u", scope: null, trust: 0.8, vendor: "シーメンス", version: null, }, { model: "desigo pxc100-e.d", scope: null, trust: 0.8, vendor: "シーメンス", version: null, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2022-018827", }, { db: "NVD", id: "CVE-2022-38371", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Siemens reported this vulnerability to CISA.", sources: [ { db: "CNNVD", id: "CNNVD-202210-513", }, ], trust: 0.6, }, cve: "CVE-2022-38371", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", exploitabilityScore: 3.9, id: "CVE-2022-38371", impactScore: 3.6, integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 2, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, { attackComplexity: "Low", attackVector: "Network", author: "NVD", availabilityImpact: "High", baseScore: 7.5, baseSeverity: "High", confidentialityImpact: "None", exploitabilityScore: null, id: "CVE-2022-38371", impactScore: null, integrityImpact: "None", privilegesRequired: "None", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2022-38371", trust: 1, value: "HIGH", }, { author: "productcert@siemens.com", id: "CVE-2022-38371", trust: 1, value: "HIGH", }, { author: "NVD", id: "CVE-2022-38371", trust: 0.8, value: "High", }, { author: "CNNVD", id: "CNNVD-202210-513", trust: 0.6, value: "HIGH", }, ], }, ], sources: [ { db: "JVNDB", id: "JVNDB-2022-018827", }, { db: "CNNVD", id: "CNNVD-202210-513", }, { db: "NVD", id: "CVE-2022-38371", }, { db: "NVD", id: "CVE-2022-38371", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC) (P2 Ethernet) (All versions), APOGEE MEC (PPC) (BACnet) (All versions), APOGEE MEC (PPC) (P2 Ethernet) (All versions), APOGEE PXC Compact (BACnet) (All versions < V3.5.7), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.21), APOGEE PXC Modular (BACnet) (All versions < V3.5.7), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.21), Desigo PXC00-E.D (All versions >= V2.3), Desigo PXC00-U (All versions >= V2.3), Desigo PXC001-E.D (All versions >= V2.3), Desigo PXC100-E.D (All versions >= V2.3), Desigo PXC12-E.D (All versions >= V2.3), Desigo PXC128-U (All versions >= V2.3), Desigo PXC200-E.D (All versions >= V2.3), Desigo PXC22-E.D (All versions >= V2.3), Desigo PXC22.1-E.D (All versions >= V2.3), Desigo PXC36.1-E.D (All versions >= V2.3), Desigo PXC50-E.D (All versions >= V2.3), Desigo PXC64-U (All versions >= V2.3), Desigo PXM20-E (All versions >= V2.3), Nucleus NET for Nucleus PLUS V1 (All versions < V5.2a), Nucleus NET for Nucleus PLUS V2 (All versions < V5.4), Nucleus ReadyStart V3 V2012 (All versions < V2012.08.1), Nucleus ReadyStart V3 V2017 (All versions < V2017.02.4), Nucleus Source Code (All versions including affected FTP server), TALON TC Compact (BACnet) (All versions < V3.5.7), TALON TC Modular (BACnet) (All versions < V3.5.7). The FTP server does not properly release memory resources that were reserved for incomplete connection attempts by FTP clients. This could allow a remote attacker to generate a denial of service condition on devices that incorporate a vulnerable version of the FTP server. Nucleus NET , Nucleus ReadyStart V3 , Nucleus Source Code A resource exhaustion vulnerability exists in several Siemens products.Service operation interruption (DoS) It may be in a state", sources: [ { db: "NVD", id: "CVE-2022-38371", }, { db: "JVNDB", id: "JVNDB-2022-018827", }, ], trust: 1.62, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2022-38371", trust: 3.2, }, { db: "SIEMENS", id: "SSA-313313", trust: 2.4, }, { db: "SIEMENS", id: "SSA-935500", trust: 2.4, }, { db: "ICS CERT", id: "ICSA-22-286-07", trust: 1.4, }, { db: "ICS CERT", id: "ICSA-22-286-12", trust: 1.4, }, { db: "JVN", id: "JVNVU92214181", trust: 0.8, }, { db: "JVNDB", id: "JVNDB-2022-018827", trust: 0.8, }, { db: "AUSCERT", id: "ESB-2022.5099", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-202210-513", trust: 0.6, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2022-018827", }, { db: "CNNVD", id: "CNNVD-202210-513", }, { db: "NVD", id: "CVE-2022-38371", }, ], }, id: "VAR-202210-0537", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VARIoT devices database", id: null, }, ], trust: 0.3919612875, }, last_update_date: "2024-08-14T12:05:51.421000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "Siemens Nucleus NET and Nucleus ReadyStart Remediation of resource management error vulnerabilities", trust: 0.6, url: "http://123.124.177.30/web/xxk/bdxqById.tag?id=210594", }, ], sources: [ { db: "CNNVD", id: "CNNVD-202210-513", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-400", trust: 1, }, { problemtype: "CWE-401", trust: 1, }, { problemtype: "Resource exhaustion (CWE-400) [ others ]", trust: 0.8, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2022-018827", }, { db: "NVD", id: "CVE-2022-38371", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 2.4, url: "https://cert-portal.siemens.com/productcert/pdf/ssa-313313.pdf", }, { trust: 2.4, url: "https://cert-portal.siemens.com/productcert/pdf/ssa-935500.pdf", }, { trust: 1, url: "https://cert-portal.siemens.com/productcert/html/ssa-313313.html", }, { trust: 1, url: "https://cert-portal.siemens.com/productcert/html/ssa-935500.html", }, { trust: 0.8, url: "https://jvn.jp/vu/jvnvu92214181/", }, { trust: 0.8, url: "https://nvd.nist.gov/vuln/detail/cve-2022-38371", }, { trust: 0.8, url: "https://www.cisa.gov/news-events/ics-advisories/icsa-22-286-07", }, { trust: 0.8, url: "https://www.cisa.gov/news-events/ics-advisories/icsa-22-286-12", }, { trust: 0.6, url: "https://us-cert.cisa.gov/ics/advisories/icsa-22-286-07", }, { trust: 0.6, url: "https://cxsecurity.com/cveshow/cve-2022-38371/", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2022.5099", }, { trust: 0.6, url: "https://us-cert.cisa.gov/ics/advisories/icsa-22-286-12", }, ], sources: [ { db: "JVNDB", id: "JVNDB-2022-018827", }, { db: "CNNVD", id: "CNNVD-202210-513", }, { db: "NVD", id: "CVE-2022-38371", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "JVNDB", id: "JVNDB-2022-018827", }, { db: "CNNVD", id: "CNNVD-202210-513", }, { db: "NVD", id: "CVE-2022-38371", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2023-10-23T00:00:00", db: "JVNDB", id: "JVNDB-2022-018827", }, { date: "2022-10-11T00:00:00", db: "CNNVD", id: "CNNVD-202210-513", }, { date: "2022-10-11T11:15:10.297000", db: "NVD", id: "CVE-2022-38371", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2023-10-23T08:12:00", db: "JVNDB", id: "JVNDB-2022-018827", }, { date: "2023-02-15T00:00:00", db: "CNNVD", id: "CNNVD-202210-513", }, { date: "2024-05-14T16:15:25.167000", db: "NVD", id: "CVE-2022-38371", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-202210-513", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Resource Exhaustion Vulnerability in Multiple Siemens Products", sources: [ { db: "JVNDB", id: "JVNDB-2022-018827", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "resource management error", sources: [ { db: "CNNVD", id: "CNNVD-202210-513", }, ], trust: 0.6, }, }
var-202111-1616
Vulnerability from variot
A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC) (P2 Ethernet) (All versions), APOGEE MEC (PPC) (BACnet) (All versions), APOGEE MEC (PPC) (P2 Ethernet) (All versions), APOGEE PXC Compact (BACnet) (All versions < V3.5.4), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.19), APOGEE PXC Modular (BACnet) (All versions < V3.5.4), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.19), Desigo PXC00-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC00-U (All versions >= V2.3 and < V6.30.016), Desigo PXC001-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC100-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC12-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC128-U (All versions >= V2.3 and < V6.30.016), Desigo PXC200-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC22-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC22.1-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC36.1-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC50-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC64-U (All versions >= V2.3 and < V6.30.016), Desigo PXM20-E (All versions >= V2.3 and < V6.30.016), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.4), Nucleus Source Code (All versions), TALON TC Compact (BACnet) (All versions < V3.5.4), TALON TC Modular (BACnet) (All versions < V3.5.4). FTP server does not properly validate the length of the “MKD/XMKD” command, leading to stack-based buffer overflows. This may result in Denial-of-Service conditions and Remote Code Execution. (FSMD-2021-0018). Multiple Siemens products are vulnerable to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202111-1616", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "desigo pxc12-e.d", scope: "gte", trust: 1, vendor: "siemens", version: "2.3", }, { model: "talon tc modular", scope: "lt", trust: 1, vendor: "siemens", version: "3.5.4", }, { model: "nucleus source code", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "desigo pxc36.1-e.d", scope: "gte", trust: 1, vendor: "siemens", version: "2.3", }, { model: "desigo pxc128-u", scope: "gte", trust: 1, vendor: "siemens", version: "2.3", }, { model: "desigo pxc50-e.d", scope: "gte", trust: 1, vendor: "siemens", version: "2.3", }, { model: "desigo pxc64-u", scope: "gte", trust: 1, vendor: "siemens", version: "2.3", }, { model: "desigo pxc001-e.d", scope: "gte", trust: 1, vendor: "siemens", version: "2.3", }, { model: "apogee pxc compact", scope: "lt", trust: 1, vendor: "siemens", version: "2.8.19", }, { model: "desigo pxc100-e.d", scope: "gte", trust: 1, vendor: "siemens", version: "2.3", }, { model: "desigo pxc36.1-e.d", scope: "lt", trust: 1, vendor: "siemens", version: "6.30.016", }, { model: "apogee pxc compact", scope: "lt", trust: 1, vendor: "siemens", version: "3.5.4", }, { model: "nucleus net", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "desigo pxc00-u", scope: "lt", trust: 1, vendor: "siemens", version: "6.30.016", }, { model: "desigo pxc12-e.d", scope: "lt", trust: 1, vendor: "siemens", version: "6.30.016", }, { model: "desigo pxc22-e.d", scope: "lt", trust: 1, vendor: "siemens", version: "6.30.016", }, { model: "apogee modular building controller", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "desigo pxc22.1-e.d", scope: "gte", trust: 1, vendor: "siemens", version: "2.3", }, { model: "desigo pxc128-u", scope: "lt", trust: 1, vendor: "siemens", version: "6.30.016", }, { model: "desigo pxm20-e", scope: "gte", trust: 1, vendor: "siemens", version: "2.3", }, { model: "desigo pxc200-e.d", scope: "lt", trust: 1, vendor: "siemens", version: "6.30.016", }, { model: "desigo pxm20-e", scope: "lt", trust: 1, vendor: "siemens", version: "6.30.016", }, { model: "desigo pxc00-e.d", scope: "lt", trust: 1, vendor: "siemens", version: "6.30.016", }, { model: "desigo pxc22.1-e.d", scope: "lt", trust: 1, vendor: "siemens", version: "6.30.016", }, { model: "apogee pxc modular", scope: "lt", trust: 1, vendor: "siemens", version: "3.5.4", }, { model: "apogee pxc modular", scope: "lt", trust: 1, vendor: "siemens", version: "2.8.19", }, { model: "talon tc compact", scope: "lt", trust: 1, vendor: "siemens", version: "3.5.4", }, { model: "desigo pxc100-e.d", scope: "lt", trust: 1, vendor: "siemens", version: "6.30.016", }, { model: "desigo pxc22-e.d", scope: "gte", trust: 1, vendor: "siemens", version: "2.3", }, { model: "nucleus readystart v3", scope: "lt", trust: 1, vendor: "siemens", version: "2017.02.4", }, { model: "desigo pxc00-u", scope: "gte", trust: 1, vendor: "siemens", version: "2.3", }, { model: "desigo pxc64-u", scope: "lt", trust: 1, vendor: "siemens", version: "6.30.016", }, { model: "desigo pxc00-e.d", scope: "gte", trust: 1, vendor: "siemens", version: "2.3", }, { model: "desigo pxc001-e.d", scope: "lt", trust: 1, vendor: "siemens", version: "6.30.016", }, { model: "apogee modular equiment controller", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "desigo pxc200-e.d", scope: "gte", trust: 1, vendor: "siemens", version: "2.3", }, { model: "desigo pxc50-e.d", scope: "lt", trust: 1, vendor: "siemens", version: "6.30.016", }, { model: "capital vstar", scope: null, trust: 0.8, vendor: "シーメンス", version: null, }, { model: "nucleus source code", scope: null, trust: 0.8, vendor: "シーメンス", version: null, }, { model: "talon tc compact", scope: null, trust: 0.8, vendor: "シーメンス", version: null, }, { model: "apogee pxc modular", scope: null, trust: 0.8, vendor: "シーメンス", version: null, }, { model: "nucleus readystart v3", scope: null, trust: 0.8, vendor: "シーメンス", version: null, }, { model: "talon tc modular", scope: null, trust: 0.8, vendor: "シーメンス", version: null, }, { model: "apogee modular equiment controller", scope: null, trust: 0.8, vendor: "シーメンス", version: null, }, { model: "apogee pxc compact", scope: null, trust: 0.8, vendor: "シーメンス", version: null, }, { model: "apogee modular building controller", scope: null, trust: 0.8, vendor: "シーメンス", version: null, }, { model: "nucleus net", scope: null, trust: 0.8, vendor: "シーメンス", version: null, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2021-014901", }, { db: "NVD", id: "CVE-2021-31888", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Siemens reported these vulnerabilities to CISA.", sources: [ { db: "CNNVD", id: "CNNVD-202111-841", }, ], trust: 0.6, }, cve: "CVE-2021-31888", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", author: "nvd@nist.gov", availabilityImpact: "PARTIAL", baseScore: 6.5, confidentialityImpact: "PARTIAL", exploitabilityScore: 8, id: "CVE-2021-31888", impactScore: 6.4, integrityImpact: "PARTIAL", severity: "MEDIUM", trust: 1.8, vectorString: "AV:N/AC:L/Au:S/C:P/I:P/A:P", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", exploitabilityScore: 2.8, id: "CVE-2021-31888", impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, { attackComplexity: "Low", attackVector: "Network", author: "NVD", availabilityImpact: "High", baseScore: 8.8, baseSeverity: "High", confidentialityImpact: "High", exploitabilityScore: null, id: "CVE-2021-31888", impactScore: null, integrityImpact: "High", privilegesRequired: "Low", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2021-31888", trust: 1, value: "HIGH", }, { author: "NVD", id: "CVE-2021-31888", trust: 0.8, value: "High", }, { author: "CNNVD", id: "CNNVD-202111-841", trust: 0.6, value: "HIGH", }, ], }, ], sources: [ { db: "JVNDB", id: "JVNDB-2021-014901", }, { db: "CNNVD", id: "CNNVD-202111-841", }, { db: "NVD", id: "CVE-2021-31888", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC) (P2 Ethernet) (All versions), APOGEE MEC (PPC) (BACnet) (All versions), APOGEE MEC (PPC) (P2 Ethernet) (All versions), APOGEE PXC Compact (BACnet) (All versions < V3.5.4), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.19), APOGEE PXC Modular (BACnet) (All versions < V3.5.4), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.19), Desigo PXC00-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC00-U (All versions >= V2.3 and < V6.30.016), Desigo PXC001-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC100-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC12-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC128-U (All versions >= V2.3 and < V6.30.016), Desigo PXC200-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC22-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC22.1-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC36.1-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC50-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC64-U (All versions >= V2.3 and < V6.30.016), Desigo PXM20-E (All versions >= V2.3 and < V6.30.016), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.4), Nucleus Source Code (All versions), TALON TC Compact (BACnet) (All versions < V3.5.4), TALON TC Modular (BACnet) (All versions < V3.5.4). FTP server does not properly validate the length of the “MKD/XMKD” command, leading to stack-based buffer overflows. This may result in Denial-of-Service conditions and Remote Code Execution. (FSMD-2021-0018). Multiple Siemens products are vulnerable to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state", sources: [ { db: "NVD", id: "CVE-2021-31888", }, { db: "JVNDB", id: "JVNDB-2021-014901", }, ], trust: 1.62, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2021-31888", trust: 3.2, }, { db: "SIEMENS", id: "SSA-044112", trust: 1.6, }, { db: "SIEMENS", id: "SSA-114589", trust: 1.6, }, { db: "ICS CERT", id: "ICSA-21-315-07", trust: 1.4, }, { db: "ICS CERT", id: "ICSA-21-313-03", trust: 1.4, }, { db: "JVN", id: "JVNVU95671889", trust: 0.8, }, { db: "JVNDB", id: "JVNDB-2021-014901", trust: 0.8, }, { db: "AUSCERT", id: "ESB-2021.3874", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2021.3833", trust: 0.6, }, { db: "CS-HELP", id: "SB2021111003", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-202111-841", trust: 0.6, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2021-014901", }, { db: "CNNVD", id: "CNNVD-202111-841", }, { db: "NVD", id: "CVE-2021-31888", }, ], }, id: "VAR-202111-1616", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VARIoT devices database", id: null, }, ], trust: 0.41785447777777773, }, last_update_date: "2024-08-14T12:35:59.299000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "SSA-044112 Siemens Security Advisory", trust: 0.8, url: "https://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf", }, { title: "Siemens Nucleus ReadyStart Buffer error vulnerability fix", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=174346", }, ], sources: [ { db: "JVNDB", id: "JVNDB-2021-014901", }, { db: "CNNVD", id: "CNNVD-202111-841", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-787", trust: 1, }, { problemtype: "CWE-170", trust: 1, }, { problemtype: "Out-of-bounds writing (CWE-787) [NVD evaluation ]", trust: 0.8, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2021-014901", }, { db: "NVD", id: "CVE-2021-31888", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 1.6, url: "https://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf", }, { trust: 1.6, url: "https://cert-portal.siemens.com/productcert/pdf/ssa-114589.pdf", }, { trust: 0.8, url: "http://jvn.jp/vu/jvnvu95671889/index.html", }, { trust: 0.8, url: "https://nvd.nist.gov/vuln/detail/cve-2021-31888", }, { trust: 0.8, url: "https://www.cisa.gov/uscert/ics/advisories/icsa-21-313-03", }, { trust: 0.8, url: "https://www.cisa.gov/uscert/ics/advisories/icsa-21-315-07", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2021111003", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2021.3874", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2021.3833", }, { trust: 0.6, url: "https://us-cert.cisa.gov/ics/advisories/icsa-21-315-07", }, { trust: 0.6, url: "https://us-cert.cisa.gov/ics/advisories/icsa-21-313-03", }, ], sources: [ { db: "JVNDB", id: "JVNDB-2021-014901", }, { db: "CNNVD", id: "CNNVD-202111-841", }, { db: "NVD", id: "CVE-2021-31888", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "JVNDB", id: "JVNDB-2021-014901", }, { db: "CNNVD", id: "CNNVD-202111-841", }, { db: "NVD", id: "CVE-2021-31888", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2022-10-31T00:00:00", db: "JVNDB", id: "JVNDB-2021-014901", }, { date: "2021-11-09T00:00:00", db: "CNNVD", id: "CNNVD-202111-841", }, { date: "2021-11-09T12:15:09.640000", db: "NVD", id: "CVE-2021-31888", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2022-10-31T07:53:00", db: "JVNDB", id: "JVNDB-2021-014901", }, { date: "2022-05-23T00:00:00", db: "CNNVD", id: "CNNVD-202111-841", }, { date: "2023-05-16T10:50:54.340000", db: "NVD", id: "CVE-2021-31888", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-202111-841", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Out-of-bounds write vulnerabilities in multiple Siemens products", sources: [ { db: "JVNDB", id: "JVNDB-2021-014901", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "buffer error", sources: [ { db: "CNNVD", id: "CNNVD-202111-841", }, ], trust: 0.6, }, }
var-202104-1829
Vulnerability from variot
A vulnerability has been identified in APOGEE PXC Compact (BACnet) (All versions < V3.5.5), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.20), APOGEE PXC Modular (BACnet) (All versions < V3.5.5), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.20), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.3), Nucleus ReadyStart V3 (All versions < V2017.02.4), Nucleus ReadyStart V4 (All versions < V4.1.0), Nucleus Source Code (Versions including affected DNS modules), SIMOTICS CONNECT 400 (All versions < V0.5.0.0), SIMOTICS CONNECT 400 (All versions >= V0.5.0.0 < V1.0.0.0), TALON TC Compact (BACnet) (All versions < V3.5.5), TALON TC Modular (BACnet) (All versions < V3.5.5). The DNS client does not properly randomize DNS transaction IDs. That could allow an attacker to poison the DNS cache or spoof DNS resolving. SIMOTICS CONNECT 400 is a connector and sensor box installed on a low-voltage motor and provides analysis data for the MindSphere application SIDRIVE IQ Fleet.
Siemens SIMOTICS CONNECT 400 has security vulnerabilities. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202104-1829", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "nucleus readystart v3", scope: "lt", trust: 1, vendor: "siemens", version: "2017.02.4", }, { model: "nucleus source code", scope: "eq", trust: 1, vendor: "siemens", version: null, }, { model: "nucleus net", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "nucleus readystart v4", scope: "lt", trust: 1, vendor: "siemens", version: "4.1.0", }, { model: "simotics connect 400", scope: "gte", trust: 1, vendor: "siemens", version: "0.5.0.0", }, { model: "simotics connect", scope: "eq", trust: 0.6, vendor: "siemens", version: "400>=v0.5.0.0", }, ], sources: [ { db: "CNVD", id: "CNVD-2021-28704", }, { db: "NVD", id: "CVE-2021-25677", }, ], }, cve: "CVE-2021-25677", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "nvd@nist.gov", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "NONE", exploitabilityScore: 10, id: "CVE-2021-25677", impactScore: 2.9, integrityImpact: "PARTIAL", severity: "MEDIUM", trust: 1.1, vectorString: "AV:N/AC:L/Au:N/C:N/I:P/A:N", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "CNVD", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "NONE", exploitabilityScore: 10, id: "CNVD-2021-28704", impactScore: 2.9, integrityImpact: "PARTIAL", severity: "MEDIUM", trust: 0.6, vectorString: "AV:N/AC:L/Au:N/C:N/I:P/A:N", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", exploitabilityScore: 3.9, id: "CVE-2021-25677", impactScore: 1.4, integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 2, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", version: "3.1", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2021-25677", trust: 1, value: "MEDIUM", }, { author: "productcert@siemens.com", id: "CVE-2021-25677", trust: 1, value: "MEDIUM", }, { author: "CNVD", id: "CNVD-2021-28704", trust: 0.6, value: "MEDIUM", }, { author: "CNNVD", id: "CNNVD-202104-975", trust: 0.6, value: "MEDIUM", }, { author: "CNNVD", id: "CNNVD-202104-937", trust: 0.6, value: "MEDIUM", }, { author: "VULMON", id: "CVE-2021-25677", trust: 0.1, value: "MEDIUM", }, ], }, ], sources: [ { db: "CNVD", id: "CNVD-2021-28704", }, { db: "VULMON", id: "CVE-2021-25677", }, { db: "CNNVD", id: "CNNVD-202104-975", }, { db: "CNNVD", id: "CNNVD-202104-937", }, { db: "NVD", id: "CVE-2021-25677", }, { db: "NVD", id: "CVE-2021-25677", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "A vulnerability has been identified in APOGEE PXC Compact (BACnet) (All versions < V3.5.5), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.20), APOGEE PXC Modular (BACnet) (All versions < V3.5.5), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.20), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.3), Nucleus ReadyStart V3 (All versions < V2017.02.4), Nucleus ReadyStart V4 (All versions < V4.1.0), Nucleus Source Code (Versions including affected DNS modules), SIMOTICS CONNECT 400 (All versions < V0.5.0.0), SIMOTICS CONNECT 400 (All versions >= V0.5.0.0 < V1.0.0.0), TALON TC Compact (BACnet) (All versions < V3.5.5), TALON TC Modular (BACnet) (All versions < V3.5.5). The DNS client does not properly randomize DNS transaction IDs. That could allow an attacker to poison the DNS cache or spoof DNS resolving. SIMOTICS CONNECT 400 is a connector and sensor box installed on a low-voltage motor and provides analysis data for the MindSphere application SIDRIVE IQ Fleet. \n\r\n\r\nSiemens SIMOTICS CONNECT 400 has security vulnerabilities. Pillow is a Python-based image processing library. \nThere is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements", sources: [ { db: "NVD", id: "CVE-2021-25677", }, { db: "CNVD", id: "CNVD-2021-28704", }, { db: "CNNVD", id: "CNNVD-202104-975", }, { db: "VULMON", id: "CVE-2021-25677", }, ], trust: 2.07, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "SIEMENS", id: "SSA-669158", trust: 2.3, }, { db: "NVD", id: "CVE-2021-25677", trust: 2.3, }, { db: "SIEMENS", id: "SSA-705111", trust: 1.7, }, { db: "SIEMENS", id: "SSA-180579", trust: 1, }, { db: "CNVD", id: "CNVD-2021-28704", trust: 0.6, }, { db: "CS-HELP", id: "SB2021041363", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-202104-975", trust: 0.6, }, { db: "ICS CERT", id: "ICSA-21-103-13", trust: 0.6, }, { db: "CS-HELP", id: "SB2021041406", trust: 0.6, }, { db: "CS-HELP", id: "SB2021041516", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-202104-937", trust: 0.6, }, { db: "VULMON", id: "CVE-2021-25677", trust: 0.1, }, ], sources: [ { db: "CNVD", id: "CNVD-2021-28704", }, { db: "VULMON", id: "CVE-2021-25677", }, { db: "CNNVD", id: "CNNVD-202104-975", }, { db: "CNNVD", id: "CNNVD-202104-937", }, { db: "NVD", id: "CVE-2021-25677", }, ], }, id: "VAR-202104-1829", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "CNVD", id: "CNVD-2021-28704", }, ], trust: 1.1595598933333333, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "Network device", ], sub_category: null, trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2021-28704", }, ], }, last_update_date: "2024-11-23T20:10:09.634000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "Patch for Siemens SIMOTICS CONNECT 400 has unspecified vulnerabilities", trust: 0.6, url: "https://www.cnvd.org.cn/patchInfo/show/258581", }, { title: "Siemens Security Advisories: Siemens Security Advisory", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories&qid=53e7f522de1910b1af8f6f92fe53b3b1", }, { title: "Siemens Security Advisories: Siemens Security Advisory", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories&qid=8f932b97a970d1020015c1a82a730e96", }, ], sources: [ { db: "CNVD", id: "CNVD-2021-28704", }, { db: "VULMON", id: "CVE-2021-25677", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-330", trust: 1, }, ], sources: [ { db: "NVD", id: "CVE-2021-25677", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 2.3, url: "https://cert-portal.siemens.com/productcert/pdf/ssa-669158.pdf", }, { trust: 1.7, url: "https://cert-portal.siemens.com/productcert/pdf/ssa-705111.pdf", }, { trust: 1, url: "https://cert-portal.siemens.com/productcert/pdf/ssa-180579.pdf", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2021041363", }, { trust: 0.6, url: "https://us-cert.cisa.gov/ics/advisories/icsa-21-103-13", }, { trust: 0.6, url: "https://nvd.nist.gov/vuln/detail/cve-2021-25677", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2021041406", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2021041516", }, { trust: 0.1, url: "https://cwe.mitre.org/data/definitions/330.html", }, { trust: 0.1, url: "https://nvd.nist.gov", }, { trust: 0.1, url: "https://cert-portal.siemens.com/productcert/txt/ssa-669158.txt", }, ], sources: [ { db: "CNVD", id: "CNVD-2021-28704", }, { db: "VULMON", id: "CVE-2021-25677", }, { db: "CNNVD", id: "CNNVD-202104-975", }, { db: "CNNVD", id: "CNNVD-202104-937", }, { db: "NVD", id: "CVE-2021-25677", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CNVD", id: "CNVD-2021-28704", }, { db: "VULMON", id: "CVE-2021-25677", }, { db: "CNNVD", id: "CNNVD-202104-975", }, { db: "CNNVD", id: "CNNVD-202104-937", }, { db: "NVD", id: "CVE-2021-25677", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2021-04-15T00:00:00", db: "CNVD", id: "CNVD-2021-28704", }, { date: "2021-04-22T00:00:00", db: "VULMON", id: "CVE-2021-25677", }, { date: "2021-04-13T00:00:00", db: "CNNVD", id: "CNNVD-202104-975", }, { date: "2021-04-13T00:00:00", db: "CNNVD", id: "CNNVD-202104-937", }, { date: "2021-04-22T21:15:10.207000", db: "NVD", id: "CVE-2021-25677", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2021-04-15T00:00:00", db: "CNVD", id: "CNVD-2021-28704", }, { date: "2021-04-30T00:00:00", db: "VULMON", id: "CVE-2021-25677", }, { date: "2021-04-14T00:00:00", db: "CNNVD", id: "CNNVD-202104-975", }, { date: "2022-03-09T00:00:00", db: "CNNVD", id: "CNNVD-202104-937", }, { date: "2024-11-21T05:55:16.807000", db: "NVD", id: "CVE-2021-25677", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-202104-937", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Siemens SIMOTICS CONNECT 400 has unspecified vulnerabilities", sources: [ { db: "CNVD", id: "CNVD-2021-28704", }, ], trust: 0.6, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "other", sources: [ { db: "CNNVD", id: "CNNVD-202104-975", }, ], trust: 0.6, }, }
var-202111-1611
Vulnerability from variot
A vulnerability has been identified in Capital Embedded AR Classic 431-422 (All versions), Capital Embedded AR Classic R20-11 (All versions < V2303), PLUSCONTROL 1st Gen (All versions), SIMOTICS CONNECT 400 (All versions < V0.5.0.0), SIMOTICS CONNECT 400 (All versions < V1.0.0.0). The total length of an ICMP payload (set in the IP header) is unchecked. This may lead to various side effects, including Information Leak and Denial-of-Service conditions, depending on the network buffer organization in memory. (FSMD-2021-0007)
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202111-1611", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "nucleus readystart v4", scope: "lt", trust: 1, vendor: "siemens", version: "4.1.1", }, { model: "apogee modular building controller", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "talon tc compact", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "apogee pxc compact", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "nucleus net", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "nucleus source code", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "apogee pxc modular", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "talon tc modular", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "capital vstar", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "nucleus readystart v3", scope: "lt", trust: 1, vendor: "siemens", version: "2017.02.1", }, { model: "apogee modular equiment controller", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, ], sources: [ { db: "NVD", id: "CVE-2021-31346", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Siemens reported these vulnerabilities to CISA.", sources: [ { db: "CNNVD", id: "CNNVD-202111-851", }, ], trust: 0.6, }, cve: "CVE-2021-31346", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "nvd@nist.gov", availabilityImpact: "PARTIAL", baseScore: 6.4, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "CVE-2021-31346", impactScore: 4.9, integrityImpact: "NONE", severity: "MEDIUM", trust: 1, vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:P", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "HIGH", baseScore: 9.1, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", exploitabilityScore: 3.9, id: "CVE-2021-31346", impactScore: 5.2, integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", version: "3.1", }, { attackComplexity: "LOW", attackVector: "NETWORK", author: "productcert@siemens.com", availabilityImpact: "HIGH", baseScore: 8.2, baseSeverity: "HIGH", confidentialityImpact: "LOW", exploitabilityScore: 3.9, id: "CVE-2021-31346", impactScore: 4.2, integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H", version: "3.1", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2021-31346", trust: 1, value: "CRITICAL", }, { author: "productcert@siemens.com", id: "CVE-2021-31346", trust: 1, value: "HIGH", }, { author: "CNNVD", id: "CNNVD-202111-851", trust: 0.6, value: "CRITICAL", }, ], }, ], sources: [ { db: "CNNVD", id: "CNNVD-202111-851", }, { db: "NVD", id: "CVE-2021-31346", }, { db: "NVD", id: "CVE-2021-31346", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "A vulnerability has been identified in Capital Embedded AR Classic 431-422 (All versions), Capital Embedded AR Classic R20-11 (All versions < V2303), PLUSCONTROL 1st Gen (All versions), SIMOTICS CONNECT 400 (All versions < V0.5.0.0), SIMOTICS CONNECT 400 (All versions < V1.0.0.0). The total length of an ICMP payload (set in the IP header) is unchecked. This may lead to various side effects, including Information Leak and Denial-of-Service conditions, depending on the network buffer organization in memory. (FSMD-2021-0007)", sources: [ { db: "NVD", id: "CVE-2021-31346", }, ], trust: 1, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2021-31346", trust: 1.6, }, { db: "SIEMENS", id: "SSA-620288", trust: 1.6, }, { db: "SIEMENS", id: "SSA-044112", trust: 1.6, }, { db: "SIEMENS", id: "SSA-845392", trust: 1.6, }, { db: "SIEMENS", id: "SSA-223353", trust: 1.6, }, { db: "SIEMENS", id: "SSA-114589", trust: 1.6, }, { db: "AUSCERT", id: "ESB-2022.0094", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2021.3874", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2021.4289", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2021.3833", trust: 0.6, }, { db: "ICS CERT", id: "ICSA-22-013-03", trust: 0.6, }, { db: "ICS CERT", id: "ICSA-22-069-02", trust: 0.6, }, { db: "ICS CERT", id: "ICSA-21-350-06", trust: 0.6, }, { db: "ICS CERT", id: "ICSA-21-313-03", trust: 0.6, }, { db: "ICS CERT", id: "ICSA-21-315-07", trust: 0.6, }, { db: "CS-HELP", id: "SB2022031013", trust: 0.6, }, { db: "CS-HELP", id: "SB2021111003", trust: 0.6, }, { db: "CS-HELP", id: "SB2021121648", trust: 0.6, }, { db: "CS-HELP", id: "SB2022011803", trust: 0.6, }, { db: "CS-HELP", id: "SB2022010910", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-202111-851", trust: 0.6, }, ], sources: [ { db: "CNNVD", id: "CNNVD-202111-851", }, { db: "NVD", id: "CVE-2021-31346", }, ], }, id: "VAR-202111-1611", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VARIoT devices database", id: null, }, ], trust: 0.544069276, }, last_update_date: "2024-10-08T21:00:05.053000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "siemens Nucleus Security vulnerabilities", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=185269", }, ], sources: [ { db: "CNNVD", id: "CNNVD-202111-851", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-1284", trust: 1, }, ], sources: [ { db: "NVD", id: "CVE-2021-31346", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 1.6, url: "https://cert-portal.siemens.com/productcert/pdf/ssa-845392.pdf", }, { trust: 1.6, url: "https://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf", }, { trust: 1.6, url: "https://cert-portal.siemens.com/productcert/pdf/ssa-114589.pdf", }, { trust: 1.6, url: "https://cert-portal.siemens.com/productcert/pdf/ssa-223353.pdf", }, { trust: 1.6, url: "https://cert-portal.siemens.com/productcert/pdf/ssa-620288.pdf", }, { trust: 1, url: "https://cert-portal.siemens.com/productcert/html/ssa-044112.html", }, { trust: 1, url: "https://cert-portal.siemens.com/productcert/html/ssa-114589.html", }, { trust: 1, url: "https://cert-portal.siemens.com/productcert/html/ssa-223353.html", }, { trust: 1, url: "https://cert-portal.siemens.com/productcert/html/ssa-620288.html", }, { trust: 1, url: "https://cert-portal.siemens.com/productcert/html/ssa-845392.html", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2021111003", }, { trust: 0.6, url: "https://source.android.com/security/bulletin/2022-01-01", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2022.0094", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2021.3833", }, { trust: 0.6, url: "https://nvd.nist.gov/vuln/detail/cve-2021-31346", }, { trust: 0.6, url: "https://us-cert.cisa.gov/ics/advisories/icsa-22-069-02", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2021.3874", }, { trust: 0.6, url: "https://vigilance.fr/vulnerability/google-android-pixel-multiple-vulnerabilities-of-january-2022-37172", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2021.4289", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2022011803", }, { trust: 0.6, url: "https://us-cert.cisa.gov/ics/advisories/icsa-22-013-03", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2021121648", }, { trust: 0.6, url: "https://us-cert.cisa.gov/ics/advisories/icsa-21-315-07", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2022010910", }, { trust: 0.6, url: "https://us-cert.cisa.gov/ics/advisories/icsa-21-350-06", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2022031013", }, { trust: 0.6, url: "https://us-cert.cisa.gov/ics/advisories/icsa-21-313-03", }, ], sources: [ { db: "CNNVD", id: "CNNVD-202111-851", }, { db: "NVD", id: "CVE-2021-31346", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CNNVD", id: "CNNVD-202111-851", }, { db: "NVD", id: "CVE-2021-31346", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2021-11-09T00:00:00", db: "CNNVD", id: "CNNVD-202111-851", }, { date: "2021-11-09T12:15:09.200000", db: "NVD", id: "CVE-2021-31346", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2022-05-23T00:00:00", db: "CNNVD", id: "CNNVD-202111-851", }, { date: "2024-10-08T09:15:04.353000", db: "NVD", id: "CVE-2021-31346", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-202111-851", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Siemens Nucleus Security hole", sources: [ { db: "CNNVD", id: "CNNVD-202111-851", }, ], trust: 0.6, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "other", sources: [ { db: "CNNVD", id: "CNNVD-202111-851", }, ], trust: 0.6, }, }
var-202111-1606
Vulnerability from variot
A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC) (P2 Ethernet) (All versions), APOGEE MEC (PPC) (BACnet) (All versions), APOGEE MEC (PPC) (P2 Ethernet) (All versions), APOGEE PXC Compact (BACnet) (All versions < V3.5.4), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.19), APOGEE PXC Modular (BACnet) (All versions < V3.5.4), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.19), Desigo PXC00-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC00-U (All versions >= V2.3 and < V6.30.016), Desigo PXC001-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC100-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC12-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC128-U (All versions >= V2.3 and < V6.30.016), Desigo PXC200-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC22-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC22.1-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC36.1-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC50-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC64-U (All versions >= V2.3 and < V6.30.016), Desigo PXM20-E (All versions >= V2.3 and < V6.30.016), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.4), Nucleus ReadyStart V4 (All versions < V4.1.1), Nucleus Source Code (All versions), PLUSCONTROL 1st Gen (All versions), TALON TC Compact (BACnet) (All versions < V3.5.4), TALON TC Modular (BACnet) (All versions < V3.5.4). TFTP server application allows for reading the contents of the TFTP memory buffer via sending malformed TFTP commands. (FSMD-2021-0009). Several Siemens products contain vulnerabilities in accessing buffers with improper length values.Information may be obtained
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202111-1606", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "nucleus readystart v4", scope: "lt", trust: 1, vendor: "siemens", version: "4.1.1", }, { model: "capital vstar", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "apogee pxc compact", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "nucleus source code", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "talon tc compact", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "apogee pxc modular", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "talon tc modular", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "nucleus readystart v3", scope: "lt", trust: 1, vendor: "siemens", version: "2017.02.4", }, { model: "nucleus net", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "apogee modular equiment controller", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "apogee modular building controller", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "nucleus readystart v4", scope: null, trust: 0.8, vendor: "シーメンス", version: null, }, { model: "nucleus readystart v3", scope: null, trust: 0.8, vendor: "シーメンス", version: null, }, { model: "apogee modular equiment controller", scope: null, trust: 0.8, vendor: "シーメンス", version: null, }, { model: "talon tc modular", scope: null, trust: 0.8, vendor: "シーメンス", version: null, }, { model: "apogee modular building controller", scope: null, trust: 0.8, vendor: "シーメンス", version: null, }, { model: "apogee pxc modular", scope: null, trust: 0.8, vendor: "シーメンス", version: null, }, { model: "apogee pxc compact", scope: null, trust: 0.8, vendor: "シーメンス", version: null, }, { model: "nucleus net", scope: null, trust: 0.8, vendor: "シーメンス", version: null, }, { model: "nucleus source code", scope: null, trust: 0.8, vendor: "シーメンス", version: null, }, { model: "capital vstar", scope: null, trust: 0.8, vendor: "シーメンス", version: null, }, { model: "talon tc compact", scope: null, trust: 0.8, vendor: "シーメンス", version: null, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2021-006566", }, { db: "NVD", id: "CVE-2021-31885", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Siemens reported these vulnerabilities to CISA.", sources: [ { db: "CNNVD", id: "CNNVD-202111-845", }, ], trust: 0.6, }, cve: "CVE-2021-31885", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "nvd@nist.gov", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "CVE-2021-31885", impactScore: 2.9, integrityImpact: "NONE", severity: "MEDIUM", trust: 1.8, vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", exploitabilityScore: 3.9, id: "CVE-2021-31885", impactScore: 3.6, integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, { attackComplexity: "Low", attackVector: "Network", author: "NVD", availabilityImpact: "None", baseScore: 7.5, baseSeverity: "High", confidentialityImpact: "High", exploitabilityScore: null, id: "CVE-2021-31885", impactScore: null, integrityImpact: "None", privilegesRequired: "None", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2021-31885", trust: 1, value: "HIGH", }, { author: "NVD", id: "CVE-2021-31885", trust: 0.8, value: "High", }, { author: "CNNVD", id: "CNNVD-202111-845", trust: 0.6, value: "HIGH", }, ], }, ], sources: [ { db: "JVNDB", id: "JVNDB-2021-006566", }, { db: "CNNVD", id: "CNNVD-202111-845", }, { db: "NVD", id: "CVE-2021-31885", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC) (P2 Ethernet) (All versions), APOGEE MEC (PPC) (BACnet) (All versions), APOGEE MEC (PPC) (P2 Ethernet) (All versions), APOGEE PXC Compact (BACnet) (All versions < V3.5.4), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.19), APOGEE PXC Modular (BACnet) (All versions < V3.5.4), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.19), Desigo PXC00-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC00-U (All versions >= V2.3 and < V6.30.016), Desigo PXC001-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC100-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC12-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC128-U (All versions >= V2.3 and < V6.30.016), Desigo PXC200-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC22-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC22.1-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC36.1-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC50-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC64-U (All versions >= V2.3 and < V6.30.016), Desigo PXM20-E (All versions >= V2.3 and < V6.30.016), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.4), Nucleus ReadyStart V4 (All versions < V4.1.1), Nucleus Source Code (All versions), PLUSCONTROL 1st Gen (All versions), TALON TC Compact (BACnet) (All versions < V3.5.4), TALON TC Modular (BACnet) (All versions < V3.5.4). TFTP server application allows for reading the contents of the TFTP memory buffer via sending malformed TFTP commands. (FSMD-2021-0009). Several Siemens products contain vulnerabilities in accessing buffers with improper length values.Information may be obtained", sources: [ { db: "NVD", id: "CVE-2021-31885", }, { db: "JVNDB", id: "JVNDB-2021-006566", }, ], trust: 1.62, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2021-31885", trust: 3.2, }, { db: "SIEMENS", id: "SSA-044112", trust: 1.6, }, { db: "SIEMENS", id: "SSA-845392", trust: 1.6, }, { db: "SIEMENS", id: "SSA-114589", trust: 1.6, }, { db: "JVN", id: "JVNVU98508242", trust: 0.8, }, { db: "JVNDB", id: "JVNDB-2021-006566", trust: 0.8, }, { db: "ICS CERT", id: "ICSA-21-313-03", trust: 0.6, }, { db: "ICS CERT", id: "ICSA-21-315-07", trust: 0.6, }, { db: "ICS CERT", id: "ICSA-22-013-03", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2021.3874", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2021.3833", trust: 0.6, }, { db: "CS-HELP", id: "SB2021111003", trust: 0.6, }, { db: "CS-HELP", id: "SB2022011803", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-202111-845", trust: 0.6, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2021-006566", }, { db: "CNNVD", id: "CNNVD-202111-845", }, { db: "NVD", id: "CVE-2021-31885", }, ], }, id: "VAR-202111-1606", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VARIoT devices database", id: null, }, ], trust: 0.544069276, }, last_update_date: "2024-08-14T13:10:16.122000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "Multiple Vulnerabilities in Nucleus RTOS based APOGEE, TALON and Desigo PXC/PXM Products", trust: 0.8, url: "https://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf", }, { title: "Siemens Nucleus ReadyStart Security vulnerabilities", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=178540", }, ], sources: [ { db: "JVNDB", id: "JVNDB-2021-006566", }, { db: "CNNVD", id: "CNNVD-202111-845", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-805", trust: 1, }, { problemtype: "Accessing the buffer with improper length values (CWE-805) [ Other ]", trust: 0.8, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2021-006566", }, { db: "NVD", id: "CVE-2021-31885", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 1.6, url: "https://cert-portal.siemens.com/productcert/pdf/ssa-845392.pdf", }, { trust: 1.6, url: "https://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf", }, { trust: 1.6, url: "https://cert-portal.siemens.com/productcert/pdf/ssa-114589.pdf", }, { trust: 0.8, url: "https://jvn.jp/vu/jvnvu98508242/", }, { trust: 0.8, url: "https://nvd.nist.gov/vuln/detail/cve-2021-31885", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2021111003", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2021.3874", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2022011803", }, { trust: 0.6, url: "https://us-cert.cisa.gov/ics/advisories/icsa-22-013-03", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2021.3833", }, { trust: 0.6, url: "https://us-cert.cisa.gov/ics/advisories/icsa-21-315-07", }, { trust: 0.6, url: "https://us-cert.cisa.gov/ics/advisories/icsa-21-313-03", }, ], sources: [ { db: "JVNDB", id: "JVNDB-2021-006566", }, { db: "CNNVD", id: "CNNVD-202111-845", }, { db: "NVD", id: "CVE-2021-31885", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "JVNDB", id: "JVNDB-2021-006566", }, { db: "CNNVD", id: "CNNVD-202111-845", }, { db: "NVD", id: "CVE-2021-31885", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2022-01-13T00:00:00", db: "JVNDB", id: "JVNDB-2021-006566", }, { date: "2021-11-09T00:00:00", db: "CNNVD", id: "CNNVD-202111-845", }, { date: "2021-11-09T12:15:09.487000", db: "NVD", id: "CVE-2021-31885", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2022-01-13T06:17:00", db: "JVNDB", id: "JVNDB-2021-006566", }, { date: "2022-05-23T00:00:00", db: "CNNVD", id: "CNNVD-202111-845", }, { date: "2022-05-20T13:15:12.843000", db: "NVD", id: "CVE-2021-31885", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-202111-845", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Vulnerability in accessing buffers with improper length values in multiple Siemens products", sources: [ { db: "JVNDB", id: "JVNDB-2021-006566", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "other", sources: [ { db: "CNNVD", id: "CNNVD-202111-845", }, ], trust: 0.6, }, }
var-202001-1848
Vulnerability from variot
A vulnerability has been identified in Capital Embedded AR Classic 431-422 (All versions), Capital Embedded AR Classic R20-11 (All versions < V2303), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.3), Nucleus Source Code (All versions). By sending specially crafted DHCP packets to a device where the DHCP client is enabled, an attacker could change the IP address of the device to an invalid value. Several Siemens products contain input validation vulnerabilities.Information is falsified and denial of service (DoS) May be in a state. Nucleus RTOS provides a highly scalable, microkernel-based, real-time operating system designed for scalability and reliability in systems spanning aerospace, industrial, and medical applications.
The Siemens Mentor Nucleus Networking Module has a security vulnerability. ** ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. Adjacent network access is required, but no authentication and no user interaction is needed to conduct an attack
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202001-1848", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "nucleus source code", scope: "eq", trust: 1.2, vendor: "siemens", version: "*", }, { model: "nucleus safetycert", scope: "eq", trust: 1.2, vendor: "siemens", version: "*", }, { model: "nucleus rtos", scope: "eq", trust: 1.2, vendor: "siemens", version: "*", }, { model: "nucleus net", scope: "eq", trust: 1.2, vendor: "siemens", version: "*", }, { model: "desigo pxc00-u", scope: "gte", trust: 1, vendor: "siemens", version: "2.3.0", }, { model: "desigo pxc00-u", scope: "lt", trust: 1, vendor: "siemens", version: "6.00.327", }, { model: "desigo pxc22.1-e.d", scope: "gte", trust: 1, vendor: "siemens", version: "2.3.0", }, { model: "desigo pxc22-e.d", scope: "lt", trust: 1, vendor: "siemens", version: "6.00.327", }, { model: "apogee modular building controller", scope: "lt", trust: 1, vendor: "siemens", version: "2.8.2", }, { model: "desigo pxc00-e.d", scope: "gte", trust: 1, vendor: "siemens", version: "2.3.0", }, { model: "desigo pxc00-e.d", scope: "lt", trust: 1, vendor: "siemens", version: "6.00.327", }, { model: "simotics connect 400", scope: "lte", trust: 1, vendor: "siemens", version: "0.3.0.95", }, { model: "nucleus readystart", scope: "lt", trust: 1, vendor: "siemens", version: "2017.02.2", }, { model: "desigo pxc22-e.d", scope: "gte", trust: 1, vendor: "siemens", version: "2.3.0", }, { model: "desigopxc128-u", scope: "eq", trust: 1, vendor: "siemens", version: null, }, { model: "desigopxm20-e", scope: "eq", trust: 1, vendor: "siemens", version: null, }, { model: "desigo pxc36.1-e.d", scope: "gte", trust: 1, vendor: "siemens", version: "2.3.0", }, { model: "desigo pxc", scope: "gte", trust: 1, vendor: "siemens", version: "2.3", }, { model: "apogee modular equiment controller", scope: "lt", trust: 1, vendor: "siemens", version: "2.8.2", }, { model: "desigopxc50-e.d", scope: "eq", trust: 1, vendor: "siemens", version: null, }, { model: "desigo pxc001-e.d", scope: "gte", trust: 1, vendor: "siemens", version: "2.3.0", }, { model: "desigo pxc001-e.d", scope: "lt", trust: 1, vendor: "siemens", version: "6.00.327", }, { model: "desigo pxc12-e.d", scope: "gte", trust: 1, vendor: "siemens", version: "2.3.0", }, { model: "desigo pxc12-e.d", scope: "lt", trust: 1, vendor: "siemens", version: "6.00.327", }, { model: "desigo pxc36.1-e.d", scope: "lt", trust: 1, vendor: "siemens", version: "6.00.327", }, { model: "desigopxc64-u", scope: "eq", trust: 1, vendor: "siemens", version: null, }, { model: "desigopxc200-e.d", scope: "eq", trust: 1, vendor: "siemens", version: null, }, { model: "desigo pxm20", scope: "gte", trust: 1, vendor: "siemens", version: "2.3", }, { model: "capital vstar", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "apogee pxc", scope: "lte", trust: 1, vendor: "siemens", version: "2.8.2", }, { model: "desigo pxc22.1-e.d", scope: "lt", trust: 1, vendor: "siemens", version: "6.00.327", }, { model: "desigopxc100-e.d", scope: "eq", trust: 1, vendor: "siemens", version: null, }, { model: "talon tc", scope: "gte", trust: 1, vendor: "siemens", version: "3.0", }, { model: "nucleus net", scope: "eq", trust: 0.8, vendor: "シーメンス", version: null, }, { model: "nucleus readystart", scope: "eq", trust: 0.8, vendor: "シーメンス", version: null, }, { model: "nucleus safetycert", scope: "eq", trust: 0.8, vendor: "シーメンス", version: null, }, { model: "nucleus source code", scope: "eq", trust: 0.8, vendor: "シーメンス", version: null, }, { model: "vstar", scope: "eq", trust: 0.8, vendor: "シーメンス", version: null, }, { model: "nucleus rtos", scope: "eq", trust: 0.8, vendor: "シーメンス", version: null, }, { model: "nucleus net", scope: null, trust: 0.6, vendor: "siemens", version: null, }, { model: "nucleus rtos", scope: null, trust: 0.6, vendor: "siemens", version: null, }, { model: "nucleus readystart for arm,mips,and ppc v2017.02.2", scope: "lt", trust: 0.6, vendor: "siemens", version: null, }, { model: "nucleus safetycert", scope: null, trust: 0.6, vendor: "siemens", version: null, }, { model: "nucleus source code", scope: null, trust: 0.6, vendor: "siemens", version: null, }, { model: "vstar", scope: null, trust: 0.6, vendor: "siemens", version: null, }, { model: "vstar", scope: "eq", trust: 0.2, vendor: "siemens", version: "*", }, { model: "nucleus readystart for arm mips and ppc nucleus2017.02.02 nucleus net patch", scope: "lt", trust: 0.2, vendor: "siemens", version: "v2017.02.2()", }, ], sources: [ { db: "IVD", id: "40768cf9-1948-4815-8773-a73bf2de3c14", }, { db: "CNVD", id: "CNVD-2019-40512", }, { db: "JVNDB", id: "JVNDB-2019-014365", }, { db: "NVD", id: "CVE-2019-13939", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Siemens reported this vulnerability to CISA.", sources: [ { db: "CNNVD", id: "CNNVD-201911-1004", }, ], trust: 0.6, }, cve: "CVE-2019-13939", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "NONE", author: "nvd@nist.gov", availabilityImpact: "PARTIAL", baseScore: 4.8, confidentialityImpact: "NONE", exploitabilityScore: 6.5, id: "CVE-2019-13939", impactScore: 4.9, integrityImpact: "PARTIAL", severity: "MEDIUM", trust: 1.9, vectorString: "AV:A/AC:L/Au:N/C:N/I:P/A:P", version: "2.0", }, { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "NONE", author: "CNVD", availabilityImpact: "COMPLETE", baseScore: 6.8, confidentialityImpact: "NONE", exploitabilityScore: 6.5, id: "CNVD-2019-40512", impactScore: 7.8, integrityImpact: "PARTIAL", severity: "MEDIUM", trust: 0.6, vectorString: "AV:A/AC:L/Au:N/C:N/I:P/A:C", version: "2.0", }, { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "NONE", author: "IVD", availabilityImpact: "COMPLETE", baseScore: 6.8, confidentialityImpact: "NONE", exploitabilityScore: 6.5, id: "40768cf9-1948-4815-8773-a73bf2de3c14", impactScore: 7.8, integrityImpact: "PARTIAL", severity: "MEDIUM", trust: 0.2, vectorString: "AV:A/AC:L/Au:N/C:N/I:P/A:C", version: "2.9 [IVD]", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "ADJACENT", author: "nvd@nist.gov", availabilityImpact: "HIGH", baseScore: 7.1, baseSeverity: "HIGH", confidentialityImpact: "NONE", exploitabilityScore: 2.8, id: "CVE-2019-13939", impactScore: 4.2, integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 2, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H", version: "3.1", }, { attackComplexity: "Low", attackVector: "Adjacent Network", author: "NVD", availabilityImpact: "High", baseScore: 7.1, baseSeverity: "High", confidentialityImpact: "None", exploitabilityScore: null, id: "CVE-2019-13939", impactScore: null, integrityImpact: "Low", privilegesRequired: "None", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H", version: "3.0", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2019-13939", trust: 1, value: "HIGH", }, { author: "productcert@siemens.com", id: "CVE-2019-13939", trust: 1, value: "HIGH", }, { author: "NVD", id: "CVE-2019-13939", trust: 0.8, value: "High", }, { author: "CNVD", id: "CNVD-2019-40512", trust: 0.6, value: "MEDIUM", }, { author: "CNNVD", id: "CNNVD-201911-1004", trust: 0.6, value: "HIGH", }, { author: "IVD", id: "40768cf9-1948-4815-8773-a73bf2de3c14", trust: 0.2, value: "HIGH", }, { author: "VULMON", id: "CVE-2019-13939", trust: 0.1, value: "MEDIUM", }, ], }, ], sources: [ { db: "IVD", id: "40768cf9-1948-4815-8773-a73bf2de3c14", }, { db: "CNVD", id: "CNVD-2019-40512", }, { db: "VULMON", id: "CVE-2019-13939", }, { db: "JVNDB", id: "JVNDB-2019-014365", }, { db: "CNNVD", id: "CNNVD-201911-1004", }, { db: "NVD", id: "CVE-2019-13939", }, { db: "NVD", id: "CVE-2019-13939", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "A vulnerability has been identified in Capital Embedded AR Classic 431-422 (All versions), Capital Embedded AR Classic R20-11 (All versions < V2303), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.3), Nucleus Source Code (All versions). By sending specially crafted DHCP packets to a device where the DHCP client is enabled, an attacker could change the IP address of the device to an invalid value. Several Siemens products contain input validation vulnerabilities.Information is falsified and denial of service (DoS) May be in a state. Nucleus RTOS provides a highly scalable, microkernel-based, real-time operating system designed for scalability and reliability in systems spanning aerospace, industrial, and medical applications. \n\nThe Siemens Mentor Nucleus Networking Module has a security vulnerability. ** ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. Adjacent network access is required, but no authentication and no user interaction is needed to conduct an attack", sources: [ { db: "NVD", id: "CVE-2019-13939", }, { db: "JVNDB", id: "JVNDB-2019-014365", }, { db: "CNVD", id: "CNVD-2019-40512", }, { db: "IVD", id: "40768cf9-1948-4815-8773-a73bf2de3c14", }, { db: "VULMON", id: "CVE-2019-13939", }, ], trust: 2.43, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2019-13939", trust: 3.3, }, { db: "SIEMENS", id: "SSA-434032", trust: 2.3, }, { db: "SIEMENS", id: "SSA-162506", trust: 1.7, }, { db: "ICS CERT", id: "ICSA-20-105-06", trust: 1.7, }, { db: "CNVD", id: "CNVD-2019-40512", trust: 0.8, }, { db: "CNNVD", id: "CNNVD-201911-1004", trust: 0.8, }, { db: "JVNDB", id: "JVNDB-2019-014365", trust: 0.8, }, { db: "AUSCERT", id: "ESB-2019.4317", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2020.1316", trust: 0.6, }, { db: "ICS CERT", id: "ICSA-19-318-01", trust: 0.6, }, { db: "IVD", id: "40768CF9-1948-4815-8773-A73BF2DE3C14", trust: 0.2, }, { db: "VULMON", id: "CVE-2019-13939", trust: 0.1, }, ], sources: [ { db: "IVD", id: "40768cf9-1948-4815-8773-a73bf2de3c14", }, { db: "CNVD", id: "CNVD-2019-40512", }, { db: "VULMON", id: "CVE-2019-13939", }, { db: "JVNDB", id: "JVNDB-2019-014365", }, { db: "CNNVD", id: "CNNVD-201911-1004", }, { db: "NVD", id: "CVE-2019-13939", }, ], }, id: "VAR-202001-1848", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "IVD", id: "40768cf9-1948-4815-8773-a73bf2de3c14", }, { db: "CNVD", id: "CNVD-2019-40512", }, ], trust: 1.2041140625, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "ICS", ], sub_category: null, trust: 0.8, }, ], sources: [ { db: "IVD", id: "40768cf9-1948-4815-8773-a73bf2de3c14", }, { db: "CNVD", id: "CNVD-2019-40512", }, ], }, last_update_date: "2024-11-23T23:11:34.750000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "SSA-434032", trust: 0.8, url: "https://cert-portal.siemens.com/productcert/pdf/ssa-434032.pdf", }, { title: "Patch for Unknown vulnerability in Siemens Mentor Nucleus Networking Module", trust: 0.6, url: "https://www.cnvd.org.cn/patchInfo/show/189921", }, { title: "Siemens Mentor Nucleus Multiple module input verification error vulnerabilities", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=102969", }, { title: "Siemens Security Advisories: Siemens Security Advisory", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories&qid=1d3485226953a78b85a97370300ecdef", }, { title: "Siemens Security Advisories: Siemens Security Advisory", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories&qid=ac20b09bb530d9b8d4b71cc160e36049", }, ], sources: [ { db: "CNVD", id: "CNVD-2019-40512", }, { db: "VULMON", id: "CVE-2019-13939", }, { db: "JVNDB", id: "JVNDB-2019-014365", }, { db: "CNNVD", id: "CNNVD-201911-1004", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-20", trust: 1, }, { problemtype: "NVD-CWE-noinfo", trust: 1, }, { problemtype: "Incorrect input confirmation (CWE-20) [NVD Evaluation ]", trust: 0.8, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2019-014365", }, { db: "NVD", id: "CVE-2019-13939", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 2.3, url: "https://cert-portal.siemens.com/productcert/pdf/ssa-434032.pdf", }, { trust: 2.3, url: "https://us-cert.cisa.gov/ics/advisories/icsa-20-105-06", }, { trust: 1.7, url: "https://cert-portal.siemens.com/productcert/pdf/ssa-162506.pdf", }, { trust: 1.4, url: "https://nvd.nist.gov/vuln/detail/cve-2019-13939", }, { trust: 1.2, url: "https://www.us-cert.gov/ics/advisories/icsa-20-105-06", }, { trust: 1, url: "https://cert-portal.siemens.com/productcert/html/ssa-434032.html", }, { trust: 1, url: "https://cert-portal.siemens.com/productcert/html/ssa-162506.html", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2020.1316/", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2019.4317/", }, { trust: 0.6, url: "https://www.us-cert.gov/ics/advisories/icsa-19-318-01", }, { trust: 0.1, url: "https://cwe.mitre.org/data/definitions/.html", }, { trust: 0.1, url: "https://nvd.nist.gov", }, { trust: 0.1, url: "https://www.cisa.gov/uscert/ics/advisories/icsa-20-105-06", }, ], sources: [ { db: "CNVD", id: "CNVD-2019-40512", }, { db: "VULMON", id: "CVE-2019-13939", }, { db: "JVNDB", id: "JVNDB-2019-014365", }, { db: "CNNVD", id: "CNNVD-201911-1004", }, { db: "NVD", id: "CVE-2019-13939", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "IVD", id: "40768cf9-1948-4815-8773-a73bf2de3c14", }, { db: "CNVD", id: "CNVD-2019-40512", }, { db: "VULMON", id: "CVE-2019-13939", }, { db: "JVNDB", id: "JVNDB-2019-014365", }, { db: "CNNVD", id: "CNNVD-201911-1004", }, { db: "NVD", id: "CVE-2019-13939", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2019-11-14T00:00:00", db: "IVD", id: "40768cf9-1948-4815-8773-a73bf2de3c14", }, { date: "2019-11-14T00:00:00", db: "CNVD", id: "CNVD-2019-40512", }, { date: "2020-01-16T00:00:00", db: "VULMON", id: "CVE-2019-13939", }, { date: "2020-02-12T00:00:00", db: "JVNDB", id: "JVNDB-2019-014365", }, { date: "2019-11-14T00:00:00", db: "CNNVD", id: "CNNVD-201911-1004", }, { date: "2020-01-16T16:15:16.277000", db: "NVD", id: "CVE-2019-13939", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2019-11-14T00:00:00", db: "CNVD", id: "CNVD-2019-40512", }, { date: "2022-04-12T00:00:00", db: "VULMON", id: "CVE-2019-13939", }, { date: "2020-02-12T00:00:00", db: "JVNDB", id: "JVNDB-2019-014365", }, { date: "2022-05-23T00:00:00", db: "CNNVD", id: "CNNVD-201911-1004", }, { date: "2024-11-21T04:25:44.123000", db: "NVD", id: "CVE-2019-13939", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote or local", sources: [ { db: "CNNVD", id: "CNNVD-201911-1004", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Input validation vulnerabilities in multiple Siemens products", sources: [ { db: "JVNDB", id: "JVNDB-2019-014365", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Input validation error", sources: [ { db: "IVD", id: "40768cf9-1948-4815-8773-a73bf2de3c14", }, { db: "CNNVD", id: "CNNVD-201911-1004", }, ], trust: 0.8, }, }
var-202111-1607
Vulnerability from variot
A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC) (P2 Ethernet) (All versions), APOGEE MEC (PPC) (BACnet) (All versions), APOGEE MEC (PPC) (P2 Ethernet) (All versions), APOGEE PXC Compact (BACnet) (All versions < V3.5.4), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.19), APOGEE PXC Modular (BACnet) (All versions < V3.5.4), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.19), Capital VSTAR (All versions with enabled Ethernet options), Desigo PXC00-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC00-U (All versions >= V2.3 and < V6.30.016), Desigo PXC001-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC100-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC12-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC128-U (All versions >= V2.3 and < V6.30.016), Desigo PXC200-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC22-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC22.1-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC36.1-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC50-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC64-U (All versions >= V2.3 and < V6.30.016), Desigo PXM20-E (All versions >= V2.3 and < V6.30.016), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.4), Nucleus Source Code (All versions), TALON TC Compact (BACnet) (All versions < V3.5.4), TALON TC Modular (BACnet) (All versions < V3.5.4). The DHCP client application assumes that the data supplied with the “Hostname” DHCP option is NULL terminated. In cases when global hostname variable is not defined, this may lead to Out-of-bound reads, writes, and Denial-of-service conditions. (FSMD-2021-0014)
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202111-1607", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "desigo pxc12-e.d", scope: "gte", trust: 1, vendor: "siemens", version: "2.3", }, { model: "nucleus source code", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "desigo pxc36.1-e.d", scope: "gte", trust: 1, vendor: "siemens", version: "2.3", }, { model: "desigo pxc64-u", scope: "gte", trust: 1, vendor: "siemens", version: "2.3", }, { model: "nucleus readystart v3", scope: "lt", trust: 1, vendor: "siemens", version: "2017.02.1", }, { model: "desigo pxc22-e.d", scope: "lt", trust: 1, vendor: "siemens", version: "6.30.016", }, { model: "desigo pxc200-e.d", scope: "lt", trust: 1, vendor: "siemens", version: "6.30.016", }, { model: "desigo pxc00-e.d", scope: "lt", trust: 1, vendor: "siemens", version: "6.30.016", }, { model: "desigo pxc22.1-e.d", scope: "lt", trust: 1, vendor: "siemens", version: "6.30.016", }, { model: "apogee pxc modular", scope: "lt", trust: 1, vendor: "siemens", version: "3.5.4", }, { model: "apogee pxc modular", scope: "lt", trust: 1, vendor: "siemens", version: "2.8.19", }, { model: "talon tc compact", scope: "lt", trust: 1, vendor: "siemens", version: "3.5.4", }, { model: "desigo pxc100-e.d", scope: "lt", trust: 1, vendor: "siemens", version: "6.30.016", }, { model: "desigo pxc22-e.d", scope: "gte", trust: 1, vendor: "siemens", version: "2.3", }, { model: "desigo pxc00-e.d", scope: "gte", trust: 1, vendor: "siemens", version: "2.3", }, { model: "desigo pxc001-e.d", scope: "lt", trust: 1, vendor: "siemens", version: "6.30.016", }, { model: "desigo pxc128-u", scope: "lt", trust: 1, vendor: "siemens", version: "6.30.016", }, { model: "desigo pxc200-e.d", scope: "gte", trust: 1, vendor: "siemens", version: "2.3", }, { model: "desigo pxc50-e.d", scope: "lt", trust: 1, vendor: "siemens", version: "6.30.016", }, { model: "talon tc modular", scope: "lt", trust: 1, vendor: "siemens", version: "3.5.4", }, { model: "desigo pxc128-u", scope: "gte", trust: 1, vendor: "siemens", version: "2.3", }, { model: "desigo pxc50-e.d", scope: "gte", trust: 1, vendor: "siemens", version: "2.3", }, { model: "desigo pxc100-e.d", scope: "gte", trust: 1, vendor: "siemens", version: "2.3", }, { model: "desigo pxc001-e.d", scope: "gte", trust: 1, vendor: "siemens", version: "2.3", }, { model: "apogee pxc compact", scope: "lt", trust: 1, vendor: "siemens", version: "2.8.19", }, { model: "desigo pxc36.1-e.d", scope: "lt", trust: 1, vendor: "siemens", version: "6.30.016", }, { model: "apogee pxc compact", scope: "lt", trust: 1, vendor: "siemens", version: "3.5.4", }, { model: "nucleus net", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "desigo pxc00-u", scope: "lt", trust: 1, vendor: "siemens", version: "6.30.016", }, { model: "desigo pxc12-e.d", scope: "lt", trust: 1, vendor: "siemens", version: "6.30.016", }, { model: "desigo pxc22.1-e.d", scope: "gte", trust: 1, vendor: "siemens", version: "2.3", }, { model: "apogee modular building controller", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "desigo pxm20-e", scope: "lt", trust: 1, vendor: "siemens", version: "6.30.016", }, { model: "capital vstar", scope: "eq", trust: 1, vendor: "siemens", version: null, }, { model: "desigo pxc00-u", scope: "gte", trust: 1, vendor: "siemens", version: "2.3", }, { model: "desigo pxc64-u", scope: "lt", trust: 1, vendor: "siemens", version: "6.30.016", }, { model: "apogee modular equiment controller", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "desigo pxm20-e", scope: "gte", trust: 1, vendor: "siemens", version: "2.3", }, ], sources: [ { db: "NVD", id: "CVE-2021-31884", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Siemens reported these vulnerabilities to CISA.", sources: [ { db: "CNNVD", id: "CNNVD-202111-846", }, ], trust: 0.6, }, cve: "CVE-2021-31884", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "nvd@nist.gov", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "CVE-2021-31884", impactScore: 6.4, integrityImpact: "PARTIAL", severity: "HIGH", trust: 1, vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", exploitabilityScore: 3.9, id: "CVE-2021-31884", impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2021-31884", trust: 1, value: "CRITICAL", }, { author: "CNNVD", id: "CNNVD-202111-846", trust: 0.6, value: "CRITICAL", }, ], }, ], sources: [ { db: "CNNVD", id: "CNNVD-202111-846", }, { db: "NVD", id: "CVE-2021-31884", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC) (P2 Ethernet) (All versions), APOGEE MEC (PPC) (BACnet) (All versions), APOGEE MEC (PPC) (P2 Ethernet) (All versions), APOGEE PXC Compact (BACnet) (All versions < V3.5.4), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.19), APOGEE PXC Modular (BACnet) (All versions < V3.5.4), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.19), Capital VSTAR (All versions with enabled Ethernet options), Desigo PXC00-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC00-U (All versions >= V2.3 and < V6.30.016), Desigo PXC001-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC100-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC12-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC128-U (All versions >= V2.3 and < V6.30.016), Desigo PXC200-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC22-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC22.1-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC36.1-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC50-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC64-U (All versions >= V2.3 and < V6.30.016), Desigo PXM20-E (All versions >= V2.3 and < V6.30.016), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.4), Nucleus Source Code (All versions), TALON TC Compact (BACnet) (All versions < V3.5.4), TALON TC Modular (BACnet) (All versions < V3.5.4). The DHCP client application assumes that the data supplied with the “Hostname” DHCP option is NULL terminated. In cases when global hostname variable is not defined, this may lead to Out-of-bound reads, writes, and Denial-of-service conditions. (FSMD-2021-0014)", sources: [ { db: "NVD", id: "CVE-2021-31884", }, ], trust: 1, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "SIEMENS", id: "SSA-620288", trust: 1.6, }, { db: "SIEMENS", id: "SSA-114589", trust: 1.6, }, { db: "SIEMENS", id: "SSA-044112", trust: 1.6, }, { db: "NVD", id: "CVE-2021-31884", trust: 1.6, }, { db: "AUSCERT", id: "ESB-2021.3874", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2021.3833", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2021.4289", trust: 0.6, }, { db: "CS-HELP", id: "SB2021111003", trust: 0.6, }, { db: "CS-HELP", id: "SB2021121648", trust: 0.6, }, { db: "ICS CERT", id: "ICSA-21-315-07", trust: 0.6, }, { db: "ICS CERT", id: "ICSA-21-313-03", trust: 0.6, }, { db: "ICS CERT", id: "ICSA-21-350-06", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-202111-846", trust: 0.6, }, ], sources: [ { db: "CNNVD", id: "CNNVD-202111-846", }, { db: "NVD", id: "CVE-2021-31884", }, ], }, id: "VAR-202111-1607", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VARIoT devices database", id: null, }, ], trust: 0.41785447777777773, }, last_update_date: "2024-08-14T12:26:13.797000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "Siemens Nucleus ReadyStart Buffer error vulnerability fix", trust: 0.6, url: "http://123.124.177.30/web/xxk/bdxqById.tag?id=174352", }, ], sources: [ { db: "CNNVD", id: "CNNVD-202111-846", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "NVD-CWE-Other", trust: 1, }, { problemtype: "CWE-170", trust: 1, }, ], sources: [ { db: "NVD", id: "CVE-2021-31884", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 1.6, url: "https://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf", }, { trust: 1.6, url: "https://cert-portal.siemens.com/productcert/pdf/ssa-114589.pdf", }, { trust: 1.6, url: "https://cert-portal.siemens.com/productcert/pdf/ssa-620288.pdf", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2021111003", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2021.3874", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2021.4289", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2021121648", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2021.3833", }, { trust: 0.6, url: "https://us-cert.cisa.gov/ics/advisories/icsa-21-315-07", }, { trust: 0.6, url: "https://us-cert.cisa.gov/ics/advisories/icsa-21-350-06", }, { trust: 0.6, url: "https://us-cert.cisa.gov/ics/advisories/icsa-21-313-03", }, ], sources: [ { db: "CNNVD", id: "CNNVD-202111-846", }, { db: "NVD", id: "CVE-2021-31884", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CNNVD", id: "CNNVD-202111-846", }, { db: "NVD", id: "CVE-2021-31884", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2021-11-09T00:00:00", db: "CNNVD", id: "CNNVD-202111-846", }, { date: "2021-11-09T12:15:09.437000", db: "NVD", id: "CVE-2021-31884", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2023-06-27T00:00:00", db: "CNNVD", id: "CNNVD-202111-846", }, { date: "2023-06-26T19:15:56.157000", db: "NVD", id: "CVE-2021-31884", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-202111-846", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Siemens Nucleus ReadyStart Security hole", sources: [ { db: "CNNVD", id: "CNNVD-202111-846", }, ], trust: 0.6, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "other", sources: [ { db: "CNNVD", id: "CNNVD-202111-846", }, ], trust: 0.6, }, }
var-202111-1612
Vulnerability from variot
A vulnerability has been identified in Capital Embedded AR Classic 431-422 (All versions), Capital Embedded AR Classic R20-11 (All versions < V2303), PLUSCONTROL 1st Gen (All versions). The total length of an UDP payload (set in the IP header) is unchecked. This may lead to various side effects, including Information Leak and Denial-of-Service conditions, depending on a user-defined applications that runs on top of the UDP protocol. (FSMD-2021-0006)
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202111-1612", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "nucleus readystart v3", scope: "lt", trust: 1, vendor: "siemens", version: "2014.12", }, { model: "apogee modular building controller", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "talon tc compact", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "apogee pxc compact", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "nucleus net", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "nucleus source code", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "apogee pxc modular", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "talon tc modular", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "capital vstar", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "apogee modular equiment controller", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, ], sources: [ { db: "NVD", id: "CVE-2021-31345", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Siemens reported these vulnerabilities to CISA.", sources: [ { db: "CNNVD", id: "CNNVD-202111-853", }, ], trust: 0.6, }, cve: "CVE-2021-31345", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "nvd@nist.gov", availabilityImpact: "PARTIAL", baseScore: 6.4, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "CVE-2021-31345", impactScore: 4.9, integrityImpact: "NONE", severity: "MEDIUM", trust: 1, vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:P", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "HIGH", baseScore: 9.1, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", exploitabilityScore: 3.9, id: "CVE-2021-31345", impactScore: 5.2, integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", version: "3.1", }, { attackComplexity: "LOW", attackVector: "NETWORK", author: "productcert@siemens.com", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", exploitabilityScore: 3.9, id: "CVE-2021-31345", impactScore: 3.6, integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2021-31345", trust: 1, value: "CRITICAL", }, { author: "productcert@siemens.com", id: "CVE-2021-31345", trust: 1, value: "HIGH", }, { author: "CNNVD", id: "CNNVD-202111-853", trust: 0.6, value: "CRITICAL", }, ], }, ], sources: [ { db: "CNNVD", id: "CNNVD-202111-853", }, { db: "NVD", id: "CVE-2021-31345", }, { db: "NVD", id: "CVE-2021-31345", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "A vulnerability has been identified in Capital Embedded AR Classic 431-422 (All versions), Capital Embedded AR Classic R20-11 (All versions < V2303), PLUSCONTROL 1st Gen (All versions). The total length of an UDP payload (set in the IP header) is unchecked. This may lead to various side effects, including Information Leak and Denial-of-Service conditions, depending on a user-defined applications that runs on top of the UDP protocol. (FSMD-2021-0006)", sources: [ { db: "NVD", id: "CVE-2021-31345", }, ], trust: 1, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2021-31345", trust: 1.6, }, { db: "SIEMENS", id: "SSA-620288", trust: 1.6, }, { db: "SIEMENS", id: "SSA-044112", trust: 1.6, }, { db: "SIEMENS", id: "SSA-845392", trust: 1.6, }, { db: "SIEMENS", id: "SSA-114589", trust: 1.6, }, { db: "ICS CERT", id: "ICSA-21-350-06", trust: 0.6, }, { db: "ICS CERT", id: "ICSA-21-313-03", trust: 0.6, }, { db: "ICS CERT", id: "ICSA-21-315-07", trust: 0.6, }, { db: "ICS CERT", id: "ICSA-22-013-03", trust: 0.6, }, { db: "CS-HELP", id: "SB2021121648", trust: 0.6, }, { db: "CS-HELP", id: "SB2022010910", trust: 0.6, }, { db: "CS-HELP", id: "SB2021111003", trust: 0.6, }, { db: "CS-HELP", id: "SB2022011803", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2022.0094", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2021.3874", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2021.4289", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2021.3833", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-202111-853", trust: 0.6, }, ], sources: [ { db: "CNNVD", id: "CNNVD-202111-853", }, { db: "NVD", id: "CVE-2021-31345", }, ], }, id: "VAR-202111-1612", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VARIoT devices database", id: null, }, ], trust: 0.544069276, }, last_update_date: "2024-10-08T21:00:09.032000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "Siemens Nucleus ReadyStart Security vulnerabilities", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=178542", }, ], sources: [ { db: "CNNVD", id: "CNNVD-202111-853", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-1284", trust: 1, }, ], sources: [ { db: "NVD", id: "CVE-2021-31345", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 1.6, url: "https://cert-portal.siemens.com/productcert/pdf/ssa-845392.pdf", }, { trust: 1.6, url: "https://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf", }, { trust: 1.6, url: "https://cert-portal.siemens.com/productcert/pdf/ssa-114589.pdf", }, { trust: 1.6, url: "https://cert-portal.siemens.com/productcert/pdf/ssa-620288.pdf", }, { trust: 1, url: "https://cert-portal.siemens.com/productcert/html/ssa-044112.html", }, { trust: 1, url: "https://cert-portal.siemens.com/productcert/html/ssa-114589.html", }, { trust: 1, url: "https://cert-portal.siemens.com/productcert/html/ssa-620288.html", }, { trust: 1, url: "https://cert-portal.siemens.com/productcert/html/ssa-845392.html", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2021111003", }, { trust: 0.6, url: "https://source.android.com/security/bulletin/2022-01-01", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2022.0094", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2021.3833", }, { trust: 0.6, url: "https://nvd.nist.gov/vuln/detail/cve-2021-31345", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2021.3874", }, { trust: 0.6, url: "https://vigilance.fr/vulnerability/google-android-pixel-multiple-vulnerabilities-of-january-2022-37172", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2021.4289", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2022011803", }, { trust: 0.6, url: "https://us-cert.cisa.gov/ics/advisories/icsa-22-013-03", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2021121648", }, { trust: 0.6, url: "https://us-cert.cisa.gov/ics/advisories/icsa-21-315-07", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2022010910", }, { trust: 0.6, url: "https://us-cert.cisa.gov/ics/advisories/icsa-21-350-06", }, { trust: 0.6, url: "https://us-cert.cisa.gov/ics/advisories/icsa-21-313-03", }, ], sources: [ { db: "CNNVD", id: "CNNVD-202111-853", }, { db: "NVD", id: "CVE-2021-31345", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CNNVD", id: "CNNVD-202111-853", }, { db: "NVD", id: "CVE-2021-31345", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2021-11-09T00:00:00", db: "CNNVD", id: "CNNVD-202111-853", }, { date: "2021-11-09T12:15:09.143000", db: "NVD", id: "CVE-2021-31345", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2022-05-23T00:00:00", db: "CNNVD", id: "CNNVD-202111-853", }, { date: "2024-10-08T09:15:04.067000", db: "NVD", id: "CVE-2021-31345", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-202111-853", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Siemens Nucleus Security hole", sources: [ { db: "CNNVD", id: "CNNVD-202111-853", }, ], trust: 0.6, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "other", sources: [ { db: "CNNVD", id: "CNNVD-202111-853", }, ], trust: 0.6, }, }
var-202111-1610
Vulnerability from variot
A vulnerability has been identified in Capital Embedded AR Classic 431-422 (All versions), Capital Embedded AR Classic R20-11 (All versions < V2303). When processing a DHCP OFFER message, the DHCP client application does not validate the length of the Vendor option(s), leading to Denial-of-Service conditions. (FSMD-2021-0008)
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202111-1610", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "nucleus readystart v3", scope: "lt", trust: 1, vendor: "siemens", version: "2012.08", }, { model: "apogee modular building controller", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "talon tc compact", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "apogee pxc compact", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "nucleus net", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "nucleus source code", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "apogee pxc modular", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "talon tc modular", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "capital vstar", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "apogee modular equiment controller", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, ], sources: [ { db: "NVD", id: "CVE-2021-31881", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Siemens reported these vulnerabilities to CISA.", sources: [ { db: "CNNVD", id: "CNNVD-202111-849", }, ], trust: 0.6, }, cve: "CVE-2021-31881", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "nvd@nist.gov", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", exploitabilityScore: 10, id: "CVE-2021-31881", impactScore: 2.9, integrityImpact: "NONE", severity: "MEDIUM", trust: 1, vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", exploitabilityScore: 3.9, id: "CVE-2021-31881", impactScore: 3.6, integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, { attackComplexity: "LOW", attackVector: "ADJACENT", author: "productcert@siemens.com", availabilityImpact: "HIGH", baseScore: 7.1, baseSeverity: "HIGH", confidentialityImpact: "LOW", exploitabilityScore: 2.8, id: "CVE-2021-31881", impactScore: 4.2, integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H", version: "3.1", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2021-31881", trust: 1, value: "HIGH", }, { author: "productcert@siemens.com", id: "CVE-2021-31881", trust: 1, value: "HIGH", }, { author: "CNNVD", id: "CNNVD-202111-849", trust: 0.6, value: "HIGH", }, ], }, ], sources: [ { db: "CNNVD", id: "CNNVD-202111-849", }, { db: "NVD", id: "CVE-2021-31881", }, { db: "NVD", id: "CVE-2021-31881", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "A vulnerability has been identified in Capital Embedded AR Classic 431-422 (All versions), Capital Embedded AR Classic R20-11 (All versions < V2303). When processing a DHCP OFFER message, the DHCP client application does not validate the length of the Vendor option(s), leading to Denial-of-Service conditions. (FSMD-2021-0008)", sources: [ { db: "NVD", id: "CVE-2021-31881", }, ], trust: 1, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "SIEMENS", id: "SSA-114589", trust: 1.6, }, { db: "SIEMENS", id: "SSA-620288", trust: 1.6, }, { db: "SIEMENS", id: "SSA-044112", trust: 1.6, }, { db: "NVD", id: "CVE-2021-31881", trust: 1.6, }, { db: "ICS CERT", id: "ICSA-21-350-06", trust: 0.6, }, { db: "ICS CERT", id: "ICSA-21-313-03", trust: 0.6, }, { db: "ICS CERT", id: "ICSA-21-315-07", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2021.3874", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2021.4289", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2021.3833", trust: 0.6, }, { db: "CS-HELP", id: "SB2021111003", trust: 0.6, }, { db: "CS-HELP", id: "SB2021121648", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-202111-849", trust: 0.6, }, ], sources: [ { db: "CNNVD", id: "CNNVD-202111-849", }, { db: "NVD", id: "CVE-2021-31881", }, ], }, id: "VAR-202111-1610", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VARIoT devices database", id: null, }, ], trust: 0.544069276, }, last_update_date: "2024-10-08T21:14:25.166000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "Siemens Nucleus ReadyStart Buffer error vulnerability fix", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=174356", }, ], sources: [ { db: "CNNVD", id: "CNNVD-202111-849", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-125", trust: 1, }, ], sources: [ { db: "NVD", id: "CVE-2021-31881", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 1.6, url: "https://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf", }, { trust: 1.6, url: "https://cert-portal.siemens.com/productcert/pdf/ssa-114589.pdf", }, { trust: 1.6, url: "https://cert-portal.siemens.com/productcert/pdf/ssa-620288.pdf", }, { trust: 1, url: "https://cert-portal.siemens.com/productcert/html/ssa-044112.html", }, { trust: 1, url: "https://cert-portal.siemens.com/productcert/html/ssa-114589.html", }, { trust: 1, url: "https://cert-portal.siemens.com/productcert/html/ssa-620288.html", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2021111003", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2021.3874", }, { trust: 0.6, url: "https://nvd.nist.gov/vuln/detail/cve-2021-31881", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2021.4289", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2021121648", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2021.3833", }, { trust: 0.6, url: "https://us-cert.cisa.gov/ics/advisories/icsa-21-315-07", }, { trust: 0.6, url: "https://us-cert.cisa.gov/ics/advisories/icsa-21-350-06", }, { trust: 0.6, url: "https://us-cert.cisa.gov/ics/advisories/icsa-21-313-03", }, ], sources: [ { db: "CNNVD", id: "CNNVD-202111-849", }, { db: "NVD", id: "CVE-2021-31881", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CNNVD", id: "CNNVD-202111-849", }, { db: "NVD", id: "CVE-2021-31881", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2021-11-09T00:00:00", db: "CNNVD", id: "CNNVD-202111-849", }, { date: "2021-11-09T12:15:09.257000", db: "NVD", id: "CVE-2021-31881", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2022-05-23T00:00:00", db: "CNNVD", id: "CNNVD-202111-849", }, { date: "2024-10-08T09:15:04.740000", db: "NVD", id: "CVE-2021-31881", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-202111-849", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Siemens Nucleus ReadyStart Buffer error vulnerability", sources: [ { db: "CNNVD", id: "CNNVD-202111-849", }, ], trust: 0.6, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "buffer error", sources: [ { db: "CNNVD", id: "CNNVD-202111-849", }, ], trust: 0.6, }, }
var-202111-1604
Vulnerability from variot
A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC) (P2 Ethernet) (All versions), APOGEE MEC (PPC) (BACnet) (All versions), APOGEE MEC (PPC) (P2 Ethernet) (All versions), APOGEE PXC Compact (BACnet) (All versions < V3.5.4), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.19), APOGEE PXC Modular (BACnet) (All versions < V3.5.4), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.19), Desigo PXC00-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC00-U (All versions >= V2.3 and < V6.30.016), Desigo PXC001-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC100-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC12-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC128-U (All versions >= V2.3 and < V6.30.016), Desigo PXC200-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC22-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC22.1-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC36.1-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC50-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC64-U (All versions >= V2.3 and < V6.30.016), Desigo PXM20-E (All versions >= V2.3 and < V6.30.016), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.4), Nucleus Source Code (All versions), TALON TC Compact (BACnet) (All versions < V3.5.4), TALON TC Modular (BACnet) (All versions < V3.5.4). FTP server does not properly validate the length of the “PWD/XPWD” command, leading to stack-based buffer overflows. This may result in Denial-of-Service conditions and Remote Code Execution. (FSMD-2021-0016). Multiple Siemens products are vulnerable to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202111-1604", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "desigo pxc12-e.d", scope: "gte", trust: 1, vendor: "siemens", version: "2.3", }, { model: "talon tc modular", scope: "lt", trust: 1, vendor: "siemens", version: "3.5.4", }, { model: "nucleus source code", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "desigo pxc36.1-e.d", scope: "gte", trust: 1, vendor: "siemens", version: "2.3", }, { model: "desigo pxc128-u", scope: "gte", trust: 1, vendor: "siemens", version: "2.3", }, { model: "desigo pxc50-e.d", scope: "gte", trust: 1, vendor: "siemens", version: "2.3", }, { model: "desigo pxc64-u", scope: "gte", trust: 1, vendor: "siemens", version: "2.3", }, { model: "desigo pxc001-e.d", scope: "gte", trust: 1, vendor: "siemens", version: "2.3", }, { model: "apogee pxc compact", scope: "lt", trust: 1, vendor: "siemens", version: "2.8.19", }, { model: "desigo pxc100-e.d", scope: "gte", trust: 1, vendor: "siemens", version: "2.3", }, { model: "desigo pxc36.1-e.d", scope: "lt", trust: 1, vendor: "siemens", version: "6.30.016", }, { model: "apogee pxc compact", scope: "lt", trust: 1, vendor: "siemens", version: "3.5.4", }, { model: "nucleus net", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "desigo pxc00-u", scope: "lt", trust: 1, vendor: "siemens", version: "6.30.016", }, { model: "desigo pxc12-e.d", scope: "lt", trust: 1, vendor: "siemens", version: "6.30.016", }, { model: "desigo pxc22-e.d", scope: "lt", trust: 1, vendor: "siemens", version: "6.30.016", }, { model: "apogee modular building controller", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "desigo pxc22.1-e.d", scope: "gte", trust: 1, vendor: "siemens", version: "2.3", }, { model: "desigo pxc128-u", scope: "lt", trust: 1, vendor: "siemens", version: "6.30.016", }, { model: "desigo pxm20-e", scope: "gte", trust: 1, vendor: "siemens", version: "2.3", }, { model: "desigo pxc200-e.d", scope: "lt", trust: 1, vendor: "siemens", version: "6.30.016", }, { model: "desigo pxm20-e", scope: "lt", trust: 1, vendor: "siemens", version: "6.30.016", }, { model: "desigo pxc00-e.d", scope: "lt", trust: 1, vendor: "siemens", version: "6.30.016", }, { model: "desigo pxc22.1-e.d", scope: "lt", trust: 1, vendor: "siemens", version: "6.30.016", }, { model: "apogee pxc modular", scope: "lt", trust: 1, vendor: "siemens", version: "3.5.4", }, { model: "apogee pxc modular", scope: "lt", trust: 1, vendor: "siemens", version: "2.8.19", }, { model: "talon tc compact", scope: "lt", trust: 1, vendor: "siemens", version: "3.5.4", }, { model: "desigo pxc100-e.d", scope: "lt", trust: 1, vendor: "siemens", version: "6.30.016", }, { model: "desigo pxc22-e.d", scope: "gte", trust: 1, vendor: "siemens", version: "2.3", }, { model: "nucleus readystart v3", scope: "lt", trust: 1, vendor: "siemens", version: "2017.02.4", }, { model: "desigo pxc00-u", scope: "gte", trust: 1, vendor: "siemens", version: "2.3", }, { model: "desigo pxc64-u", scope: "lt", trust: 1, vendor: "siemens", version: "6.30.016", }, { model: "desigo pxc00-e.d", scope: "gte", trust: 1, vendor: "siemens", version: "2.3", }, { model: "desigo pxc001-e.d", scope: "lt", trust: 1, vendor: "siemens", version: "6.30.016", }, { model: "apogee modular equiment controller", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "desigo pxc200-e.d", scope: "gte", trust: 1, vendor: "siemens", version: "2.3", }, { model: "desigo pxc50-e.d", scope: "lt", trust: 1, vendor: "siemens", version: "6.30.016", }, { model: "capital vstar", scope: null, trust: 0.8, vendor: "シーメンス", version: null, }, { model: "apogee pxc compact", scope: null, trust: 0.8, vendor: "シーメンス", version: null, }, { model: "apogee modular equiment controller", scope: null, trust: 0.8, vendor: "シーメンス", version: null, }, { model: "nucleus readystart v3", scope: null, trust: 0.8, vendor: "シーメンス", version: null, }, { model: "apogee pxc modular", scope: null, trust: 0.8, vendor: "シーメンス", version: null, }, { model: "talon tc modular", scope: null, trust: 0.8, vendor: "シーメンス", version: null, }, { model: "nucleus net", scope: null, trust: 0.8, vendor: "シーメンス", version: null, }, { model: "apogee modular building controller", scope: null, trust: 0.8, vendor: "シーメンス", version: null, }, { model: "nucleus source code", scope: null, trust: 0.8, vendor: "シーメンス", version: null, }, { model: "talon tc compact", scope: null, trust: 0.8, vendor: "シーメンス", version: null, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2021-014903", }, { db: "NVD", id: "CVE-2021-31887", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Siemens reported these vulnerabilities to CISA.", sources: [ { db: "CNNVD", id: "CNNVD-202111-844", }, ], trust: 0.6, }, cve: "CVE-2021-31887", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", author: "nvd@nist.gov", availabilityImpact: "PARTIAL", baseScore: 6.5, confidentialityImpact: "PARTIAL", exploitabilityScore: 8, id: "CVE-2021-31887", impactScore: 6.4, integrityImpact: "PARTIAL", severity: "MEDIUM", trust: 1.8, vectorString: "AV:N/AC:L/Au:S/C:P/I:P/A:P", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", exploitabilityScore: 2.8, id: "CVE-2021-31887", impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, { attackComplexity: "Low", attackVector: "Network", author: "NVD", availabilityImpact: "High", baseScore: 8.8, baseSeverity: "High", confidentialityImpact: "High", exploitabilityScore: null, id: "CVE-2021-31887", impactScore: null, integrityImpact: "High", privilegesRequired: "Low", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2021-31887", trust: 1, value: "HIGH", }, { author: "NVD", id: "CVE-2021-31887", trust: 0.8, value: "High", }, { author: "CNNVD", id: "CNNVD-202111-844", trust: 0.6, value: "HIGH", }, ], }, ], sources: [ { db: "JVNDB", id: "JVNDB-2021-014903", }, { db: "CNNVD", id: "CNNVD-202111-844", }, { db: "NVD", id: "CVE-2021-31887", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC) (P2 Ethernet) (All versions), APOGEE MEC (PPC) (BACnet) (All versions), APOGEE MEC (PPC) (P2 Ethernet) (All versions), APOGEE PXC Compact (BACnet) (All versions < V3.5.4), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.19), APOGEE PXC Modular (BACnet) (All versions < V3.5.4), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.19), Desigo PXC00-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC00-U (All versions >= V2.3 and < V6.30.016), Desigo PXC001-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC100-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC12-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC128-U (All versions >= V2.3 and < V6.30.016), Desigo PXC200-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC22-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC22.1-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC36.1-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC50-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC64-U (All versions >= V2.3 and < V6.30.016), Desigo PXM20-E (All versions >= V2.3 and < V6.30.016), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.4), Nucleus Source Code (All versions), TALON TC Compact (BACnet) (All versions < V3.5.4), TALON TC Modular (BACnet) (All versions < V3.5.4). FTP server does not properly validate the length of the “PWD/XPWD” command, leading to stack-based buffer overflows. This may result in Denial-of-Service conditions and Remote Code Execution. (FSMD-2021-0016). Multiple Siemens products are vulnerable to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state", sources: [ { db: "NVD", id: "CVE-2021-31887", }, { db: "JVNDB", id: "JVNDB-2021-014903", }, ], trust: 1.62, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2021-31887", trust: 3.2, }, { db: "SIEMENS", id: "SSA-044112", trust: 1.6, }, { db: "SIEMENS", id: "SSA-114589", trust: 1.6, }, { db: "ICS CERT", id: "ICSA-21-315-07", trust: 1.4, }, { db: "ICS CERT", id: "ICSA-21-313-03", trust: 1.4, }, { db: "JVN", id: "JVNVU95671889", trust: 0.8, }, { db: "JVNDB", id: "JVNDB-2021-014903", trust: 0.8, }, { db: "AUSCERT", id: "ESB-2021.3874", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2021.3833", trust: 0.6, }, { db: "CS-HELP", id: "SB2021111003", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-202111-844", trust: 0.6, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2021-014903", }, { db: "CNNVD", id: "CNNVD-202111-844", }, { db: "NVD", id: "CVE-2021-31887", }, ], }, id: "VAR-202111-1604", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VARIoT devices database", id: null, }, ], trust: 0.41785447777777773, }, last_update_date: "2024-08-14T13:05:16.023000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "SSA-044112 Siemens Security Advisory", trust: 0.8, url: "https://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf", }, { title: "Siemens Nucleus ReadyStart Buffer error vulnerability fix", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=174348", }, ], sources: [ { db: "JVNDB", id: "JVNDB-2021-014903", }, { db: "CNNVD", id: "CNNVD-202111-844", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-787", trust: 1, }, { problemtype: "CWE-170", trust: 1, }, { problemtype: "Out-of-bounds writing (CWE-787) [NVD evaluation ]", trust: 0.8, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2021-014903", }, { db: "NVD", id: "CVE-2021-31887", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 1.6, url: "https://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf", }, { trust: 1.6, url: "https://cert-portal.siemens.com/productcert/pdf/ssa-114589.pdf", }, { trust: 0.8, url: "http://jvn.jp/vu/jvnvu95671889/index.html", }, { trust: 0.8, url: "https://nvd.nist.gov/vuln/detail/cve-2021-31887", }, { trust: 0.8, url: "https://www.cisa.gov/uscert/ics/advisories/icsa-21-313-03", }, { trust: 0.8, url: "https://www.cisa.gov/uscert/ics/advisories/icsa-21-315-07", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2021111003", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2021.3874", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2021.3833", }, { trust: 0.6, url: "https://us-cert.cisa.gov/ics/advisories/icsa-21-315-07", }, { trust: 0.6, url: "https://us-cert.cisa.gov/ics/advisories/icsa-21-313-03", }, ], sources: [ { db: "JVNDB", id: "JVNDB-2021-014903", }, { db: "CNNVD", id: "CNNVD-202111-844", }, { db: "NVD", id: "CVE-2021-31887", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "JVNDB", id: "JVNDB-2021-014903", }, { db: "CNNVD", id: "CNNVD-202111-844", }, { db: "NVD", id: "CVE-2021-31887", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2022-10-31T00:00:00", db: "JVNDB", id: "JVNDB-2021-014903", }, { date: "2021-11-09T00:00:00", db: "CNNVD", id: "CNNVD-202111-844", }, { date: "2021-11-09T12:15:09.587000", db: "NVD", id: "CVE-2021-31887", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2022-10-31T08:03:00", db: "JVNDB", id: "JVNDB-2021-014903", }, { date: "2022-05-23T00:00:00", db: "CNNVD", id: "CNNVD-202111-844", }, { date: "2023-03-13T15:28:09.447000", db: "NVD", id: "CVE-2021-31887", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-202111-844", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Out-of-bounds write vulnerabilities in multiple Siemens products", sources: [ { db: "JVNDB", id: "JVNDB-2021-014903", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "buffer error", sources: [ { db: "CNNVD", id: "CNNVD-202111-844", }, ], trust: 0.6, }, }
var-202111-1613
Vulnerability from variot
A vulnerability has been identified in Capital Embedded AR Classic 431-422 (All versions), Capital Embedded AR Classic R20-11 (All versions < V2303), PLUSCONTROL 1st Gen (All versions), SIMOTICS CONNECT 400 (All versions < V0.5.0.0), SIMOTICS CONNECT 400 (All versions < V1.0.0.0). ICMP echo packets with fake IP options allow sending ICMP echo reply messages to arbitrary hosts on the network. (FSMD-2021-0004)
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202111-1613", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "nucleus readystart v4", scope: "lt", trust: 1, vendor: "siemens", version: "4.1.1", }, { model: "apogee modular building controller", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "talon tc compact", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "apogee pxc compact", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "nucleus net", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "nucleus source code", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "apogee pxc modular", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "talon tc modular", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "capital vstar", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "nucleus readystart v3", scope: "lt", trust: 1, vendor: "siemens", version: "2017.02.1", }, { model: "apogee modular equiment controller", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, ], sources: [ { db: "NVD", id: "CVE-2021-31344", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Siemens reported these vulnerabilities to CISA.", sources: [ { db: "CNNVD", id: "CNNVD-202111-855", }, ], trust: 0.6, }, cve: "CVE-2021-31344", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "nvd@nist.gov", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "NONE", exploitabilityScore: 10, id: "CVE-2021-31344", impactScore: 2.9, integrityImpact: "PARTIAL", severity: "MEDIUM", trust: 1, vectorString: "AV:N/AC:L/Au:N/C:N/I:P/A:N", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", exploitabilityScore: 3.9, id: "CVE-2021-31344", impactScore: 1.4, integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 2, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", version: "3.1", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2021-31344", trust: 1, value: "MEDIUM", }, { author: "productcert@siemens.com", id: "CVE-2021-31344", trust: 1, value: "Medium", }, { author: "CNNVD", id: "CNNVD-202111-855", trust: 0.6, value: "MEDIUM", }, ], }, ], sources: [ { db: "CNNVD", id: "CNNVD-202111-855", }, { db: "NVD", id: "CVE-2021-31344", }, { db: "NVD", id: "CVE-2021-31344", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "A vulnerability has been identified in Capital Embedded AR Classic 431-422 (All versions), Capital Embedded AR Classic R20-11 (All versions < V2303), PLUSCONTROL 1st Gen (All versions), SIMOTICS CONNECT 400 (All versions < V0.5.0.0), SIMOTICS CONNECT 400 (All versions < V1.0.0.0). ICMP echo packets with fake IP options allow sending ICMP echo reply messages to arbitrary hosts on the network. (FSMD-2021-0004)", sources: [ { db: "NVD", id: "CVE-2021-31344", }, ], trust: 1, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2021-31344", trust: 1.6, }, { db: "SIEMENS", id: "SSA-620288", trust: 1.6, }, { db: "SIEMENS", id: "SSA-044112", trust: 1.6, }, { db: "SIEMENS", id: "SSA-845392", trust: 1.6, }, { db: "SIEMENS", id: "SSA-223353", trust: 1.6, }, { db: "SIEMENS", id: "SSA-114589", trust: 1.6, }, { db: "ICS CERT", id: "ICSA-21-350-06", trust: 0.6, }, { db: "ICS CERT", id: "ICSA-21-313-03", trust: 0.6, }, { db: "ICS CERT", id: "ICSA-21-315-07", trust: 0.6, }, { db: "ICS CERT", id: "ICSA-22-013-03", trust: 0.6, }, { db: "ICS CERT", id: "ICSA-22-069-02", trust: 0.6, }, { db: "CS-HELP", id: "SB2021121648", trust: 0.6, }, { db: "CS-HELP", id: "SB2022031013", trust: 0.6, }, { db: "CS-HELP", id: "SB2021111003", trust: 0.6, }, { db: "CS-HELP", id: "SB2022011803", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2021.3874", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2021.4289", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2021.3833", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-202111-855", trust: 0.6, }, ], sources: [ { db: "CNNVD", id: "CNNVD-202111-855", }, { db: "NVD", id: "CVE-2021-31344", }, ], }, id: "VAR-202111-1613", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VARIoT devices database", id: null, }, ], trust: 0.544069276, }, last_update_date: "2024-10-08T22:03:22.987000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "Siemens Nucleus ReadyStart Security vulnerabilities", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=178543", }, ], sources: [ { db: "CNNVD", id: "CNNVD-202111-855", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-843", trust: 1, }, ], sources: [ { db: "NVD", id: "CVE-2021-31344", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 1.6, url: "https://cert-portal.siemens.com/productcert/pdf/ssa-845392.pdf", }, { trust: 1.6, url: "https://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf", }, { trust: 1.6, url: "https://cert-portal.siemens.com/productcert/pdf/ssa-114589.pdf", }, { trust: 1.6, url: "https://cert-portal.siemens.com/productcert/pdf/ssa-223353.pdf", }, { trust: 1.6, url: "https://cert-portal.siemens.com/productcert/pdf/ssa-620288.pdf", }, { trust: 1, url: "https://cert-portal.siemens.com/productcert/html/ssa-044112.html", }, { trust: 1, url: "https://cert-portal.siemens.com/productcert/html/ssa-114589.html", }, { trust: 1, url: "https://cert-portal.siemens.com/productcert/html/ssa-223353.html", }, { trust: 1, url: "https://cert-portal.siemens.com/productcert/html/ssa-620288.html", }, { trust: 1, url: "https://cert-portal.siemens.com/productcert/html/ssa-845392.html", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2021111003", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2021.3833", }, { trust: 0.6, url: "https://us-cert.cisa.gov/ics/advisories/icsa-22-069-02", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2021.3874", }, { trust: 0.6, url: "https://nvd.nist.gov/vuln/detail/cve-2021-31344", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2021.4289", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2022011803", }, { trust: 0.6, url: "https://us-cert.cisa.gov/ics/advisories/icsa-22-013-03", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2021121648", }, { trust: 0.6, url: "https://us-cert.cisa.gov/ics/advisories/icsa-21-315-07", }, { trust: 0.6, url: "https://us-cert.cisa.gov/ics/advisories/icsa-21-350-06", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2022031013", }, { trust: 0.6, url: "https://us-cert.cisa.gov/ics/advisories/icsa-21-313-03", }, ], sources: [ { db: "CNNVD", id: "CNNVD-202111-855", }, { db: "NVD", id: "CVE-2021-31344", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CNNVD", id: "CNNVD-202111-855", }, { db: "NVD", id: "CVE-2021-31344", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2021-11-09T00:00:00", db: "CNNVD", id: "CNNVD-202111-855", }, { date: "2021-11-09T12:15:09.087000", db: "NVD", id: "CVE-2021-31344", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2022-05-23T00:00:00", db: "CNNVD", id: "CNNVD-202111-855", }, { date: "2024-10-08T09:15:03.490000", db: "NVD", id: "CVE-2021-31344", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-202111-855", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Siemens Nucleus ReadyStart Security hole", sources: [ { db: "CNNVD", id: "CNNVD-202111-855", }, ], trust: 0.6, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "other", sources: [ { db: "CNNVD", id: "CNNVD-202111-855", }, ], trust: 0.6, }, }
var-202104-1826
Vulnerability from variot
A vulnerability has been identified in APOGEE PXC Compact (BACnet) (All versions < V3.5.5), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.20), APOGEE PXC Modular (BACnet) (All versions < V3.5.5), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.20), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.3), Nucleus ReadyStart V4 (All versions < V4.1.0), Nucleus Source Code (Versions including affected DNS modules), SIMOTICS CONNECT 400 (All versions < V0.5.0.0), TALON TC Compact (BACnet) (All versions < V3.5.5), TALON TC Modular (BACnet) (All versions < V3.5.5). The DNS domain name label parsing functionality does not properly validate the null-terminated name in DNS-responses. The parsing of malformed responses could result in a read past the end of an allocated structure. An attacker with a privileged position in the network could leverage this vulnerability to cause a denial-of-service condition or leak the read memory. SIMOTICS CONNECT 400 is a connector and sensor box installed on a low-voltage motor and provides analysis data for the MindSphere application SIDRIVE IQ Fleet. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202104-1826", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "nucleus readystart v3", scope: "lt", trust: 1, vendor: "siemens", version: "2017.02.3", }, { model: "nucleus source code", scope: "eq", trust: 1, vendor: "siemens", version: null, }, { model: "simotics connect 400", scope: "lt", trust: 1, vendor: "siemens", version: "0.5.0.0", }, { model: "nucleus net", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "nucleus readystart v4", scope: "lt", trust: 1, vendor: "siemens", version: "4.1.0", }, { model: "simotics connect", scope: "eq", trust: 0.6, vendor: "siemens", version: "400<v0.5.0.0", }, ], sources: [ { db: "CNVD", id: "CNVD-2021-28707", }, { db: "NVD", id: "CVE-2020-27736", }, ], }, cve: "CVE-2020-27736", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", author: "nvd@nist.gov", availabilityImpact: "PARTIAL", baseScore: 5.8, confidentialityImpact: "PARTIAL", exploitabilityScore: 8.6, id: "CVE-2020-27736", impactScore: 4.9, integrityImpact: "NONE", severity: "MEDIUM", trust: 1.1, vectorString: "AV:N/AC:M/Au:N/C:P/I:N/A:P", version: "2.0", }, { accessComplexity: "HIGH", accessVector: "NETWORK", authentication: "NONE", author: "CNVD", availabilityImpact: "COMPLETE", baseScore: 6.1, confidentialityImpact: "PARTIAL", exploitabilityScore: 4.9, id: "CNVD-2021-28707", impactScore: 7.8, integrityImpact: "NONE", severity: "MEDIUM", trust: 0.6, vectorString: "AV:N/AC:H/Au:N/C:P/I:N/A:C", version: "2.0", }, ], cvssV3: [ { attackComplexity: "HIGH", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", exploitabilityScore: 2.2, id: "CVE-2020-27736", impactScore: 4.2, integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 2, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H", version: "3.1", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2020-27736", trust: 1, value: "MEDIUM", }, { author: "productcert@siemens.com", id: "CVE-2020-27736", trust: 1, value: "MEDIUM", }, { author: "CNVD", id: "CNVD-2021-28707", trust: 0.6, value: "MEDIUM", }, { author: "CNNVD", id: "CNNVD-202104-975", trust: 0.6, value: "MEDIUM", }, { author: "CNNVD", id: "CNNVD-202104-939", trust: 0.6, value: "MEDIUM", }, { author: "VULMON", id: "CVE-2020-27736", trust: 0.1, value: "MEDIUM", }, ], }, ], sources: [ { db: "CNVD", id: "CNVD-2021-28707", }, { db: "VULMON", id: "CVE-2020-27736", }, { db: "CNNVD", id: "CNNVD-202104-975", }, { db: "CNNVD", id: "CNNVD-202104-939", }, { db: "NVD", id: "CVE-2020-27736", }, { db: "NVD", id: "CVE-2020-27736", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "A vulnerability has been identified in APOGEE PXC Compact (BACnet) (All versions < V3.5.5), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.20), APOGEE PXC Modular (BACnet) (All versions < V3.5.5), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.20), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.3), Nucleus ReadyStart V4 (All versions < V4.1.0), Nucleus Source Code (Versions including affected DNS modules), SIMOTICS CONNECT 400 (All versions < V0.5.0.0), TALON TC Compact (BACnet) (All versions < V3.5.5), TALON TC Modular (BACnet) (All versions < V3.5.5). The DNS domain name label parsing functionality does not properly validate the null-terminated name in DNS-responses. The parsing of malformed responses could result in a read past the end of an allocated structure. An attacker with a privileged position in the network could leverage this vulnerability to cause a denial-of-service condition or leak the read memory. SIMOTICS CONNECT 400 is a connector and sensor box installed on a low-voltage motor and provides analysis data for the MindSphere application SIDRIVE IQ Fleet. Pillow is a Python-based image processing library. \nThere is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements", sources: [ { db: "NVD", id: "CVE-2020-27736", }, { db: "CNVD", id: "CNVD-2021-28707", }, { db: "CNNVD", id: "CNNVD-202104-975", }, { db: "VULMON", id: "CVE-2020-27736", }, ], trust: 2.07, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "SIEMENS", id: "SSA-669158", trust: 2.3, }, { db: "NVD", id: "CVE-2020-27736", trust: 2.3, }, { db: "SIEMENS", id: "SSA-705111", trust: 1.7, }, { db: "SIEMENS", id: "SSA-180579", trust: 1, }, { db: "CNVD", id: "CNVD-2021-28707", trust: 0.6, }, { db: "CS-HELP", id: "SB2021041363", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-202104-975", trust: 0.6, }, { db: "CS-HELP", id: "SB2021041407", trust: 0.6, }, { db: "CS-HELP", id: "SB2021041515", trust: 0.6, }, { db: "ICS CERT", id: "ICSA-21-103-13", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-202104-939", trust: 0.6, }, { db: "VULMON", id: "CVE-2020-27736", trust: 0.1, }, ], sources: [ { db: "CNVD", id: "CNVD-2021-28707", }, { db: "VULMON", id: "CVE-2020-27736", }, { db: "CNNVD", id: "CNNVD-202104-975", }, { db: "CNNVD", id: "CNNVD-202104-939", }, { db: "NVD", id: "CVE-2020-27736", }, ], }, id: "VAR-202104-1826", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "CNVD", id: "CNVD-2021-28707", }, ], trust: 1.1595598933333333, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "Network device", ], sub_category: null, trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2021-28707", }, ], }, last_update_date: "2024-11-23T19:30:48.514000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "Patch for Siemens SIMOTICS CONNECT 400 Denial of Service Vulnerability", trust: 0.6, url: "https://www.cnvd.org.cn/patchInfo/show/258566", }, { title: "Siemens Security Advisories: Siemens Security Advisory", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories&qid=53e7f522de1910b1af8f6f92fe53b3b1", }, { title: "Siemens Security Advisories: Siemens Security Advisory", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories&qid=8f932b97a970d1020015c1a82a730e96", }, ], sources: [ { db: "CNVD", id: "CNVD-2021-28707", }, { db: "VULMON", id: "CVE-2020-27736", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-170", trust: 1, }, { problemtype: "CWE-125", trust: 1, }, ], sources: [ { db: "NVD", id: "CVE-2020-27736", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 2.3, url: "https://cert-portal.siemens.com/productcert/pdf/ssa-669158.pdf", }, { trust: 1.7, url: "https://cert-portal.siemens.com/productcert/pdf/ssa-705111.pdf", }, { trust: 1, url: "https://cert-portal.siemens.com/productcert/pdf/ssa-180579.pdf", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2021041363", }, { trust: 0.6, url: "https://nvd.nist.gov/vuln/detail/cve-2020-27736", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2021041515", }, { trust: 0.6, url: "https://us-cert.cisa.gov/ics/advisories/icsa-21-103-13", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2021041407", }, { trust: 0.1, url: "https://cwe.mitre.org/data/definitions/170.html", }, { trust: 0.1, url: "https://nvd.nist.gov", }, { trust: 0.1, url: "https://cert-portal.siemens.com/productcert/txt/ssa-669158.txt", }, ], sources: [ { db: "CNVD", id: "CNVD-2021-28707", }, { db: "VULMON", id: "CVE-2020-27736", }, { db: "CNNVD", id: "CNNVD-202104-975", }, { db: "CNNVD", id: "CNNVD-202104-939", }, { db: "NVD", id: "CVE-2020-27736", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CNVD", id: "CNVD-2021-28707", }, { db: "VULMON", id: "CVE-2020-27736", }, { db: "CNNVD", id: "CNNVD-202104-975", }, { db: "CNNVD", id: "CNNVD-202104-939", }, { db: "NVD", id: "CVE-2020-27736", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2021-04-15T00:00:00", db: "CNVD", id: "CNVD-2021-28707", }, { date: "2021-04-22T00:00:00", db: "VULMON", id: "CVE-2020-27736", }, { date: "2021-04-13T00:00:00", db: "CNNVD", id: "CNNVD-202104-975", }, { date: "2021-04-13T00:00:00", db: "CNNVD", id: "CNNVD-202104-939", }, { date: "2021-04-22T21:15:09.250000", db: "NVD", id: "CVE-2020-27736", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2021-04-15T00:00:00", db: "CNVD", id: "CNVD-2021-28707", }, { date: "2021-04-30T00:00:00", db: "VULMON", id: "CVE-2020-27736", }, { date: "2021-04-14T00:00:00", db: "CNNVD", id: "CNNVD-202104-975", }, { date: "2022-08-10T00:00:00", db: "CNNVD", id: "CNNVD-202104-939", }, { date: "2024-11-21T05:21:43.303000", db: "NVD", id: "CVE-2020-27736", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-202104-939", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Siemens SIMOTICS CONNECT 400 Denial of Service Vulnerability", sources: [ { db: "CNVD", id: "CNVD-2021-28707", }, ], trust: 0.6, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "other", sources: [ { db: "CNNVD", id: "CNNVD-202104-975", }, ], trust: 0.6, }, }
var-202111-1614
Vulnerability from variot
A vulnerability has been identified in Capital Embedded AR Classic 431-422 (All versions), Capital Embedded AR Classic R20-11 (All versions < V2303), PLUSCONTROL 1st Gen (All versions), SIMOTICS CONNECT 400 (All versions < V0.5.0.0), SIMOTICS CONNECT 400 (All versions < V1.0.0.0). The total length of an TCP payload (set in the IP header) is unchecked. This may lead to various side effects, including Information Leak and Denial-of-Service conditions, depending on the network buffer organization in memory. (FSMD-2021-0017)
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202111-1614", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "nucleus readystart v4", scope: "lt", trust: 1, vendor: "siemens", version: "4.1.1", }, { model: "apogee modular building controller", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "nucleus readystart v3", scope: "lt", trust: 1, vendor: "siemens", version: "2017.02.4", }, { model: "talon tc compact", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "apogee pxc compact", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "nucleus net", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "nucleus source code", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "apogee pxc modular", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "talon tc modular", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "capital vstar", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "apogee modular equiment controller", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, ], sources: [ { db: "NVD", id: "CVE-2021-31890", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Siemens reported these vulnerabilities to CISA.", sources: [ { db: "CNNVD", id: "CNNVD-202111-836", }, ], trust: 0.6, }, cve: "CVE-2021-31890", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "nvd@nist.gov", availabilityImpact: "PARTIAL", baseScore: 6.4, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "CVE-2021-31890", impactScore: 4.9, integrityImpact: "NONE", severity: "MEDIUM", trust: 1, vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:P", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "HIGH", baseScore: 9.1, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", exploitabilityScore: 3.9, id: "CVE-2021-31890", impactScore: 5.2, integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", version: "3.1", }, { attackComplexity: "LOW", attackVector: "NETWORK", author: "productcert@siemens.com", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", exploitabilityScore: 3.9, id: "CVE-2021-31890", impactScore: 3.6, integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2021-31890", trust: 1, value: "CRITICAL", }, { author: "productcert@siemens.com", id: "CVE-2021-31890", trust: 1, value: "HIGH", }, { author: "CNNVD", id: "CNNVD-202111-836", trust: 0.6, value: "CRITICAL", }, ], }, ], sources: [ { db: "CNNVD", id: "CNNVD-202111-836", }, { db: "NVD", id: "CVE-2021-31890", }, { db: "NVD", id: "CVE-2021-31890", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "A vulnerability has been identified in Capital Embedded AR Classic 431-422 (All versions), Capital Embedded AR Classic R20-11 (All versions < V2303), PLUSCONTROL 1st Gen (All versions), SIMOTICS CONNECT 400 (All versions < V0.5.0.0), SIMOTICS CONNECT 400 (All versions < V1.0.0.0). The total length of an TCP payload (set in the IP header) is unchecked. This may lead to various side effects, including Information Leak and Denial-of-Service conditions, depending on the network buffer organization in memory. (FSMD-2021-0017)", sources: [ { db: "NVD", id: "CVE-2021-31890", }, ], trust: 1, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2021-31890", trust: 1.6, }, { db: "SIEMENS", id: "SSA-620288", trust: 1.6, }, { db: "SIEMENS", id: "SSA-044112", trust: 1.6, }, { db: "SIEMENS", id: "SSA-845392", trust: 1.6, }, { db: "SIEMENS", id: "SSA-223353", trust: 1.6, }, { db: "SIEMENS", id: "SSA-114589", trust: 1.6, }, { db: "AUSCERT", id: "ESB-2022.0094", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2021.3874", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2021.4289", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2021.3833", trust: 0.6, }, { db: "ICS CERT", id: "ICSA-22-013-03", trust: 0.6, }, { db: "ICS CERT", id: "ICSA-22-069-02", trust: 0.6, }, { db: "ICS CERT", id: "ICSA-21-350-06", trust: 0.6, }, { db: "ICS CERT", id: "ICSA-21-313-03", trust: 0.6, }, { db: "ICS CERT", id: "ICSA-21-315-07", trust: 0.6, }, { db: "CS-HELP", id: "SB2022031013", trust: 0.6, }, { db: "CS-HELP", id: "SB2021111003", trust: 0.6, }, { db: "CS-HELP", id: "SB2021121648", trust: 0.6, }, { db: "CS-HELP", id: "SB2022011803", trust: 0.6, }, { db: "CS-HELP", id: "SB2022010910", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-202111-836", trust: 0.6, }, ], sources: [ { db: "CNNVD", id: "CNNVD-202111-836", }, { db: "NVD", id: "CVE-2021-31890", }, ], }, id: "VAR-202111-1614", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VARIoT devices database", id: null, }, ], trust: 0.544069276, }, last_update_date: "2024-10-08T22:30:23.900000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "Siemens Nucleus Security vulnerabilities", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=178538", }, ], sources: [ { db: "CNNVD", id: "CNNVD-202111-836", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-240", trust: 1, }, ], sources: [ { db: "NVD", id: "CVE-2021-31890", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 1.6, url: "https://cert-portal.siemens.com/productcert/pdf/ssa-845392.pdf", }, { trust: 1.6, url: "https://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf", }, { trust: 1.6, url: "https://cert-portal.siemens.com/productcert/pdf/ssa-114589.pdf", }, { trust: 1.6, url: "https://cert-portal.siemens.com/productcert/pdf/ssa-223353.pdf", }, { trust: 1.6, url: "https://cert-portal.siemens.com/productcert/pdf/ssa-620288.pdf", }, { trust: 1, url: "https://cert-portal.siemens.com/productcert/html/ssa-044112.html", }, { trust: 1, url: "https://cert-portal.siemens.com/productcert/html/ssa-114589.html", }, { trust: 1, url: "https://cert-portal.siemens.com/productcert/html/ssa-223353.html", }, { trust: 1, url: "https://cert-portal.siemens.com/productcert/html/ssa-620288.html", }, { trust: 1, url: "https://cert-portal.siemens.com/productcert/html/ssa-845392.html", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2021111003", }, { trust: 0.6, url: "https://source.android.com/security/bulletin/2022-01-01", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2022.0094", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2021.3833", }, { trust: 0.6, url: "https://us-cert.cisa.gov/ics/advisories/icsa-22-069-02", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2021.3874", }, { trust: 0.6, url: "https://vigilance.fr/vulnerability/google-android-pixel-multiple-vulnerabilities-of-january-2022-37172", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2021.4289", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2022011803", }, { trust: 0.6, url: "https://us-cert.cisa.gov/ics/advisories/icsa-22-013-03", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2021121648", }, { trust: 0.6, url: "https://us-cert.cisa.gov/ics/advisories/icsa-21-315-07", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2022010910", }, { trust: 0.6, url: "https://us-cert.cisa.gov/ics/advisories/icsa-21-350-06", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2022031013", }, { trust: 0.6, url: "https://us-cert.cisa.gov/ics/advisories/icsa-21-313-03", }, ], sources: [ { db: "CNNVD", id: "CNNVD-202111-836", }, { db: "NVD", id: "CVE-2021-31890", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CNNVD", id: "CNNVD-202111-836", }, { db: "NVD", id: "CVE-2021-31890", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2021-11-09T00:00:00", db: "CNNVD", id: "CNNVD-202111-836", }, { date: "2021-11-09T12:15:09.743000", db: "NVD", id: "CVE-2021-31890", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2022-05-23T00:00:00", db: "CNNVD", id: "CNNVD-202111-836", }, { date: "2024-10-08T09:15:06.630000", db: "NVD", id: "CVE-2021-31890", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-202111-836", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Siemens Nucleus ReadyStart Security hole", sources: [ { db: "CNNVD", id: "CNNVD-202111-836", }, ], trust: 0.6, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "other", sources: [ { db: "CNNVD", id: "CNNVD-202111-836", }, ], trust: 0.6, }, }
var-202111-1605
Vulnerability from variot
A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC) (P2 Ethernet) (All versions), APOGEE MEC (PPC) (BACnet) (All versions), APOGEE MEC (PPC) (P2 Ethernet) (All versions), APOGEE PXC Compact (BACnet) (All versions < V3.5.4), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.19), APOGEE PXC Modular (BACnet) (All versions < V3.5.4), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.19), Desigo PXC00-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC00-U (All versions >= V2.3 and < V6.30.016), Desigo PXC001-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC100-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC12-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC128-U (All versions >= V2.3 and < V6.30.016), Desigo PXC200-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC22-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC22.1-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC36.1-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC50-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC64-U (All versions >= V2.3 and < V6.30.016), Desigo PXM20-E (All versions >= V2.3 and < V6.30.016), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.4), Nucleus Source Code (All versions), TALON TC Compact (BACnet) (All versions < V3.5.4), TALON TC Modular (BACnet) (All versions < V3.5.4). FTP server does not properly validate the length of the “USER” command, leading to stack-based buffer overflows. This may result in Denial-of-Service conditions and Remote Code Execution. (FSMD-2021-0010). Multiple Siemens products are vulnerable to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202111-1605", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "desigo pxc12-e.d", scope: "gte", trust: 1, vendor: "siemens", version: "2.3", }, { model: "talon tc modular", scope: "lt", trust: 1, vendor: "siemens", version: "3.5.4", }, { model: "nucleus source code", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "desigo pxc36.1-e.d", scope: "gte", trust: 1, vendor: "siemens", version: "2.3", }, { model: "desigo pxc128-u", scope: "gte", trust: 1, vendor: "siemens", version: "2.3", }, { model: "desigo pxc50-e.d", scope: "gte", trust: 1, vendor: "siemens", version: "2.3", }, { model: "desigo pxc64-u", scope: "gte", trust: 1, vendor: "siemens", version: "2.3", }, { model: "desigo pxc001-e.d", scope: "gte", trust: 1, vendor: "siemens", version: "2.3", }, { model: "apogee pxc compact", scope: "lt", trust: 1, vendor: "siemens", version: "2.8.19", }, { model: "desigo pxc100-e.d", scope: "gte", trust: 1, vendor: "siemens", version: "2.3", }, { model: "desigo pxc36.1-e.d", scope: "lt", trust: 1, vendor: "siemens", version: "6.30.016", }, { model: "apogee pxc compact", scope: "lt", trust: 1, vendor: "siemens", version: "3.5.4", }, { model: "nucleus net", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "desigo pxc00-u", scope: "lt", trust: 1, vendor: "siemens", version: "6.30.016", }, { model: "desigo pxc12-e.d", scope: "lt", trust: 1, vendor: "siemens", version: "6.30.016", }, { model: "desigo pxc22-e.d", scope: "lt", trust: 1, vendor: "siemens", version: "6.30.016", }, { model: "apogee modular building controller", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "desigo pxc22.1-e.d", scope: "gte", trust: 1, vendor: "siemens", version: "2.3", }, { model: "desigo pxc128-u", scope: "lt", trust: 1, vendor: "siemens", version: "6.30.016", }, { model: "desigo pxm20-e", scope: "gte", trust: 1, vendor: "siemens", version: "2.3", }, { model: "desigo pxc200-e.d", scope: "lt", trust: 1, vendor: "siemens", version: "6.30.016", }, { model: "desigo pxm20-e", scope: "lt", trust: 1, vendor: "siemens", version: "6.30.016", }, { model: "desigo pxc00-e.d", scope: "lt", trust: 1, vendor: "siemens", version: "6.30.016", }, { model: "desigo pxc22.1-e.d", scope: "lt", trust: 1, vendor: "siemens", version: "6.30.016", }, { model: "apogee pxc modular", scope: "lt", trust: 1, vendor: "siemens", version: "3.5.4", }, { model: "apogee pxc modular", scope: "lt", trust: 1, vendor: "siemens", version: "2.8.19", }, { model: "talon tc compact", scope: "lt", trust: 1, vendor: "siemens", version: "3.5.4", }, { model: "desigo pxc100-e.d", scope: "lt", trust: 1, vendor: "siemens", version: "6.30.016", }, { model: "desigo pxc22-e.d", scope: "gte", trust: 1, vendor: "siemens", version: "2.3", }, { model: "nucleus readystart v3", scope: "lt", trust: 1, vendor: "siemens", version: "2017.02.4", }, { model: "desigo pxc00-u", scope: "gte", trust: 1, vendor: "siemens", version: "2.3", }, { model: "desigo pxc64-u", scope: "lt", trust: 1, vendor: "siemens", version: "6.30.016", }, { model: "desigo pxc00-e.d", scope: "gte", trust: 1, vendor: "siemens", version: "2.3", }, { model: "desigo pxc001-e.d", scope: "lt", trust: 1, vendor: "siemens", version: "6.30.016", }, { model: "apogee modular equiment controller", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "desigo pxc200-e.d", scope: "gte", trust: 1, vendor: "siemens", version: "2.3", }, { model: "desigo pxc50-e.d", scope: "lt", trust: 1, vendor: "siemens", version: "6.30.016", }, { model: "capital vstar", scope: null, trust: 0.8, vendor: "シーメンス", version: null, }, { model: "apogee pxc compact", scope: null, trust: 0.8, vendor: "シーメンス", version: null, }, { model: "apogee modular equiment controller", scope: null, trust: 0.8, vendor: "シーメンス", version: null, }, { model: "nucleus readystart v3", scope: null, trust: 0.8, vendor: "シーメンス", version: null, }, { model: "apogee pxc modular", scope: null, trust: 0.8, vendor: "シーメンス", version: null, }, { model: "talon tc modular", scope: null, trust: 0.8, vendor: "シーメンス", version: null, }, { model: "nucleus net", scope: null, trust: 0.8, vendor: "シーメンス", version: null, }, { model: "apogee modular building controller", scope: null, trust: 0.8, vendor: "シーメンス", version: null, }, { model: "nucleus source code", scope: null, trust: 0.8, vendor: "シーメンス", version: null, }, { model: "talon tc compact", scope: null, trust: 0.8, vendor: "シーメンス", version: null, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2021-014902", }, { db: "NVD", id: "CVE-2021-31886", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Siemens reported these vulnerabilities to CISA.", sources: [ { db: "CNNVD", id: "CNNVD-202111-843", }, ], trust: 0.6, }, cve: "CVE-2021-31886", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "nvd@nist.gov", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "CVE-2021-31886", impactScore: 6.4, integrityImpact: "PARTIAL", severity: "HIGH", trust: 1.8, vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", exploitabilityScore: 3.9, id: "CVE-2021-31886", impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, { attackComplexity: "Low", attackVector: "Network", author: "NVD", availabilityImpact: "High", baseScore: 9.8, baseSeverity: "Critical", confidentialityImpact: "High", exploitabilityScore: null, id: "CVE-2021-31886", impactScore: null, integrityImpact: "High", privilegesRequired: "None", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2021-31886", trust: 1, value: "CRITICAL", }, { author: "NVD", id: "CVE-2021-31886", trust: 0.8, value: "Critical", }, { author: "CNNVD", id: "CNNVD-202111-843", trust: 0.6, value: "CRITICAL", }, ], }, ], sources: [ { db: "JVNDB", id: "JVNDB-2021-014902", }, { db: "CNNVD", id: "CNNVD-202111-843", }, { db: "NVD", id: "CVE-2021-31886", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC) (P2 Ethernet) (All versions), APOGEE MEC (PPC) (BACnet) (All versions), APOGEE MEC (PPC) (P2 Ethernet) (All versions), APOGEE PXC Compact (BACnet) (All versions < V3.5.4), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.19), APOGEE PXC Modular (BACnet) (All versions < V3.5.4), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.19), Desigo PXC00-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC00-U (All versions >= V2.3 and < V6.30.016), Desigo PXC001-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC100-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC12-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC128-U (All versions >= V2.3 and < V6.30.016), Desigo PXC200-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC22-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC22.1-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC36.1-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC50-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC64-U (All versions >= V2.3 and < V6.30.016), Desigo PXM20-E (All versions >= V2.3 and < V6.30.016), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.4), Nucleus Source Code (All versions), TALON TC Compact (BACnet) (All versions < V3.5.4), TALON TC Modular (BACnet) (All versions < V3.5.4). FTP server does not properly validate the length of the “USER” command, leading to stack-based buffer overflows. This may result in Denial-of-Service conditions and Remote Code Execution. (FSMD-2021-0010). Multiple Siemens products are vulnerable to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state", sources: [ { db: "NVD", id: "CVE-2021-31886", }, { db: "JVNDB", id: "JVNDB-2021-014902", }, ], trust: 1.62, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2021-31886", trust: 3.2, }, { db: "SIEMENS", id: "SSA-044112", trust: 1.6, }, { db: "SIEMENS", id: "SSA-114589", trust: 1.6, }, { db: "ICS CERT", id: "ICSA-21-315-07", trust: 1.4, }, { db: "ICS CERT", id: "ICSA-21-313-03", trust: 1.4, }, { db: "JVN", id: "JVNVU95671889", trust: 0.8, }, { db: "JVNDB", id: "JVNDB-2021-014902", trust: 0.8, }, { db: "AUSCERT", id: "ESB-2021.3874", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2021.3833", trust: 0.6, }, { db: "CS-HELP", id: "SB2021111003", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-202111-843", trust: 0.6, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2021-014902", }, { db: "CNNVD", id: "CNNVD-202111-843", }, { db: "NVD", id: "CVE-2021-31886", }, ], }, id: "VAR-202111-1605", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VARIoT devices database", id: null, }, ], trust: 0.41785447777777773, }, last_update_date: "2024-08-14T12:19:42.972000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "SSA-044112 Siemens Security Advisory", trust: 0.8, url: "https://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf", }, { title: "Siemens Nucleus Buffer error vulnerability fix", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=169817", }, ], sources: [ { db: "JVNDB", id: "JVNDB-2021-014902", }, { db: "CNNVD", id: "CNNVD-202111-843", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-787", trust: 1, }, { problemtype: "CWE-170", trust: 1, }, { problemtype: "Out-of-bounds writing (CWE-787) [NVD evaluation ]", trust: 0.8, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2021-014902", }, { db: "NVD", id: "CVE-2021-31886", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 1.6, url: "https://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf", }, { trust: 1.6, url: "https://cert-portal.siemens.com/productcert/pdf/ssa-114589.pdf", }, { trust: 0.8, url: "http://jvn.jp/vu/jvnvu95671889/index.html", }, { trust: 0.8, url: "https://nvd.nist.gov/vuln/detail/cve-2021-31886", }, { trust: 0.8, url: "https://www.cisa.gov/uscert/ics/advisories/icsa-21-313-03", }, { trust: 0.8, url: "https://www.cisa.gov/uscert/ics/advisories/icsa-21-315-07", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2021111003", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2021.3874", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2021.3833", }, { trust: 0.6, url: "https://us-cert.cisa.gov/ics/advisories/icsa-21-315-07", }, { trust: 0.6, url: "https://us-cert.cisa.gov/ics/advisories/icsa-21-313-03", }, ], sources: [ { db: "JVNDB", id: "JVNDB-2021-014902", }, { db: "CNNVD", id: "CNNVD-202111-843", }, { db: "NVD", id: "CVE-2021-31886", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "JVNDB", id: "JVNDB-2021-014902", }, { db: "CNNVD", id: "CNNVD-202111-843", }, { db: "NVD", id: "CVE-2021-31886", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2022-10-31T00:00:00", db: "JVNDB", id: "JVNDB-2021-014902", }, { date: "2021-11-09T00:00:00", db: "CNNVD", id: "CNNVD-202111-843", }, { date: "2021-11-09T12:15:09.540000", db: "NVD", id: "CVE-2021-31886", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2022-10-31T08:01:00", db: "JVNDB", id: "JVNDB-2021-014902", }, { date: "2022-05-23T00:00:00", db: "CNNVD", id: "CNNVD-202111-843", }, { date: "2023-02-10T15:38:07.227000", db: "NVD", id: "CVE-2021-31886", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-202111-843", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Out-of-bounds write vulnerabilities in multiple Siemens products", sources: [ { db: "JVNDB", id: "JVNDB-2021-014902", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "buffer error", sources: [ { db: "CNNVD", id: "CNNVD-202111-843", }, ], trust: 0.6, }, }
var-202111-1608
Vulnerability from variot
A vulnerability has been identified in Capital Embedded AR Classic 431-422 (All versions), Capital Embedded AR Classic R20-11 (All versions < V2303). When processing a DHCP ACK message, the DHCP client application does not validate the length of the Vendor option(s), leading to Denial-of-Service conditions. (FSMD-2021-0013)
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202111-1608", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "apogee modular building controller", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "talon tc compact", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "apogee pxc compact", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "nucleus net", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "nucleus source code", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "apogee pxc modular", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "talon tc modular", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "capital vstar", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "nucleus readystart v3", scope: "lt", trust: 1, vendor: "siemens", version: "2017.02.1", }, { model: "apogee modular equiment controller", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, ], sources: [ { db: "NVD", id: "CVE-2021-31883", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Siemens reported these vulnerabilities to CISA.", sources: [ { db: "CNNVD", id: "CNNVD-202111-847", }, ], trust: 0.6, }, cve: "CVE-2021-31883", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "nvd@nist.gov", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", exploitabilityScore: 10, id: "CVE-2021-31883", impactScore: 2.9, integrityImpact: "NONE", severity: "MEDIUM", trust: 1, vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", exploitabilityScore: 3.9, id: "CVE-2021-31883", impactScore: 3.6, integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, { attackComplexity: "LOW", attackVector: "ADJACENT", author: "productcert@siemens.com", availabilityImpact: "HIGH", baseScore: 7.1, baseSeverity: "HIGH", confidentialityImpact: "LOW", exploitabilityScore: 2.8, id: "CVE-2021-31883", impactScore: 4.2, integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H", version: "3.1", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2021-31883", trust: 1, value: "HIGH", }, { author: "productcert@siemens.com", id: "CVE-2021-31883", trust: 1, value: "HIGH", }, { author: "CNNVD", id: "CNNVD-202111-847", trust: 0.6, value: "HIGH", }, ], }, ], sources: [ { db: "CNNVD", id: "CNNVD-202111-847", }, { db: "NVD", id: "CVE-2021-31883", }, { db: "NVD", id: "CVE-2021-31883", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "A vulnerability has been identified in Capital Embedded AR Classic 431-422 (All versions), Capital Embedded AR Classic R20-11 (All versions < V2303). When processing a DHCP ACK message, the DHCP client application does not validate the length of the Vendor option(s), leading to Denial-of-Service conditions. (FSMD-2021-0013)", sources: [ { db: "NVD", id: "CVE-2021-31883", }, ], trust: 1, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2021-31883", trust: 1.6, }, { db: "SIEMENS", id: "SSA-114589", trust: 1.6, }, { db: "SIEMENS", id: "SSA-620288", trust: 1.6, }, { db: "SIEMENS", id: "SSA-044112", trust: 1.6, }, { db: "ICS CERT", id: "ICSA-21-350-06", trust: 0.6, }, { db: "ICS CERT", id: "ICSA-21-313-03", trust: 0.6, }, { db: "ICS CERT", id: "ICSA-21-315-07", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2021.3874", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2021.4289", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2021.3833", trust: 0.6, }, { db: "CS-HELP", id: "SB2021111003", trust: 0.6, }, { db: "CS-HELP", id: "SB2021121648", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-202111-847", trust: 0.6, }, ], sources: [ { db: "CNNVD", id: "CNNVD-202111-847", }, { db: "NVD", id: "CVE-2021-31883", }, ], }, id: "VAR-202111-1608", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VARIoT devices database", id: null, }, ], trust: 0.544069276, }, last_update_date: "2024-10-08T21:22:58.310000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "Siemens Nucleus ReadyStart Buffer error vulnerability fix", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=174354", }, ], sources: [ { db: "CNNVD", id: "CNNVD-202111-847", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-119", trust: 1, }, ], sources: [ { db: "NVD", id: "CVE-2021-31883", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 1.6, url: "https://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf", }, { trust: 1.6, url: "https://cert-portal.siemens.com/productcert/pdf/ssa-114589.pdf", }, { trust: 1.6, url: "https://cert-portal.siemens.com/productcert/pdf/ssa-620288.pdf", }, { trust: 1, url: "https://cert-portal.siemens.com/productcert/html/ssa-044112.html", }, { trust: 1, url: "https://cert-portal.siemens.com/productcert/html/ssa-114589.html", }, { trust: 1, url: "https://cert-portal.siemens.com/productcert/html/ssa-620288.html", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2021111003", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2021.3874", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2021.4289", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2021121648", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2021.3833", }, { trust: 0.6, url: "https://us-cert.cisa.gov/ics/advisories/icsa-21-315-07", }, { trust: 0.6, url: "https://us-cert.cisa.gov/ics/advisories/icsa-21-350-06", }, { trust: 0.6, url: "https://us-cert.cisa.gov/ics/advisories/icsa-21-313-03", }, ], sources: [ { db: "CNNVD", id: "CNNVD-202111-847", }, { db: "NVD", id: "CVE-2021-31883", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CNNVD", id: "CNNVD-202111-847", }, { db: "NVD", id: "CVE-2021-31883", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2021-11-09T00:00:00", db: "CNNVD", id: "CNNVD-202111-847", }, { date: "2021-11-09T12:15:09.383000", db: "NVD", id: "CVE-2021-31883", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2022-05-23T00:00:00", db: "CNNVD", id: "CNNVD-202111-847", }, { date: "2024-10-08T09:15:05.633000", db: "NVD", id: "CVE-2021-31883", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-202111-847", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Siemens Nucleus ReadyStart Buffer error vulnerability", sources: [ { db: "CNNVD", id: "CNNVD-202111-847", }, ], trust: 0.6, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "buffer error", sources: [ { db: "CNNVD", id: "CNNVD-202111-847", }, ], trust: 0.6, }, }
var-202104-1830
Vulnerability from variot
A vulnerability has been identified in Capital Embedded AR Classic 431-422 (All versions), Capital Embedded AR Classic R20-11 (All versions < V2303), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.4), Nucleus ReadyStart V4 (All versions < V4.1.0), Nucleus Source Code (All versions including affected IPv6 stack). The function that processes the Hop-by-Hop extension header in IPv6 packets and its options lacks any checks against the length field of the header, allowing attackers to put the function into an infinite loop by supplying arbitrary length values. The Nucleus NET module contains a series of standard-compliant network and communication protocols, drivers and utilities to provide full-featured network support in any embedded device. Nucleus RTOS provides a highly scalable microkernel-based real-time operating system designed for the scalability and reliability of systems in aerospace, industrial and medical applications. VSTAR is a complete AUTOSAR 4 based ECU solution that provides tools and embedded software for timely product deployment. Nucleus ReadyStart is a platform with integrated software IP, tools and services.
Siemens Nucleus products have security vulnerabilities. An attacker can use the vulnerability to put the function into infinity by providing an arbitrary length value. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202104-1830", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "nucleus readystart v3", scope: "lt", trust: 1, vendor: "siemens", version: "2017.02.4", }, { model: "nucleus source code", scope: "eq", trust: 1, vendor: "siemens", version: null, }, { model: "nucleus net", scope: "eq", trust: 1, vendor: "siemens", version: null, }, { model: "capital vstar", scope: "eq", trust: 1, vendor: "siemens", version: null, }, { model: "nucleus readystart v4", scope: "lt", trust: 1, vendor: "siemens", version: "4.1.0", }, { model: "vstar", scope: null, trust: 0.6, vendor: "siemens", version: null, }, { model: "nucleus source code", scope: null, trust: 0.6, vendor: "siemens", version: null, }, { model: "nucleus net", scope: null, trust: 0.6, vendor: "siemens", version: null, }, { model: "nucleus readystart", scope: null, trust: 0.6, vendor: "siemens", version: null, }, { model: "nucleus", scope: "eq", trust: 0.6, vendor: "siemens", version: "4<v4.1.0", }, ], sources: [ { db: "CNVD", id: "CNVD-2021-28696", }, { db: "NVD", id: "CVE-2021-25664", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Siemens reported these vulnerabilities to CISA.", sources: [ { db: "CNNVD", id: "CNNVD-202104-993", }, ], trust: 0.6, }, cve: "CVE-2021-25664", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "nvd@nist.gov", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", exploitabilityScore: 10, id: "CVE-2021-25664", impactScore: 2.9, integrityImpact: "NONE", severity: "MEDIUM", trust: 1.1, vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "CNVD", availabilityImpact: "COMPLETE", baseScore: 7.8, confidentialityImpact: "NONE", exploitabilityScore: 10, id: "CNVD-2021-28696", impactScore: 6.9, integrityImpact: "NONE", severity: "HIGH", trust: 0.6, vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:C", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", exploitabilityScore: 3.9, id: "CVE-2021-25664", impactScore: 3.6, integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 2, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2021-25664", trust: 1, value: "HIGH", }, { author: "productcert@siemens.com", id: "CVE-2021-25664", trust: 1, value: "HIGH", }, { author: "CNVD", id: "CNVD-2021-28696", trust: 0.6, value: "HIGH", }, { author: "CNNVD", id: "CNNVD-202104-975", trust: 0.6, value: "MEDIUM", }, { author: "CNNVD", id: "CNNVD-202104-993", trust: 0.6, value: "HIGH", }, { author: "VULMON", id: "CVE-2021-25664", trust: 0.1, value: "MEDIUM", }, ], }, ], sources: [ { db: "CNVD", id: "CNVD-2021-28696", }, { db: "VULMON", id: "CVE-2021-25664", }, { db: "CNNVD", id: "CNNVD-202104-975", }, { db: "CNNVD", id: "CNNVD-202104-993", }, { db: "NVD", id: "CVE-2021-25664", }, { db: "NVD", id: "CVE-2021-25664", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "A vulnerability has been identified in Capital Embedded AR Classic 431-422 (All versions), Capital Embedded AR Classic R20-11 (All versions < V2303), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.4), Nucleus ReadyStart V4 (All versions < V4.1.0), Nucleus Source Code (All versions including affected IPv6 stack). The function that processes the Hop-by-Hop extension header in IPv6 packets and its options lacks any checks against the length field of the header, allowing attackers to put the function into an infinite loop by supplying arbitrary length values. The Nucleus NET module contains a series of standard-compliant network and communication protocols, drivers and utilities to provide full-featured network support in any embedded device. Nucleus RTOS provides a highly scalable microkernel-based real-time operating system designed for the scalability and reliability of systems in aerospace, industrial and medical applications. VSTAR is a complete AUTOSAR 4 based ECU solution that provides tools and embedded software for timely product deployment. Nucleus ReadyStart is a platform with integrated software IP, tools and services. \n\r\n\r\nSiemens Nucleus products have security vulnerabilities. An attacker can use the vulnerability to put the function into infinity by providing an arbitrary length value. Pillow is a Python-based image processing library. \nThere is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements", sources: [ { db: "NVD", id: "CVE-2021-25664", }, { db: "CNVD", id: "CNVD-2021-28696", }, { db: "CNNVD", id: "CNNVD-202104-975", }, { db: "VULMON", id: "CVE-2021-25664", }, ], trust: 2.07, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2021-25664", trust: 2.3, }, { db: "SIEMENS", id: "SSA-248289", trust: 2.3, }, { db: "ICS CERT", id: "ICSA-21-103-05", trust: 1.7, }, { db: "CNVD", id: "CNVD-2021-28696", trust: 0.6, }, { db: "CS-HELP", id: "SB2021041363", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-202104-975", trust: 0.6, }, { db: "CS-HELP", id: "SB2021041414", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2021.1245", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-202104-993", trust: 0.6, }, { db: "VULMON", id: "CVE-2021-25664", trust: 0.1, }, ], sources: [ { db: "CNVD", id: "CNVD-2021-28696", }, { db: "VULMON", id: "CVE-2021-25664", }, { db: "CNNVD", id: "CNNVD-202104-975", }, { db: "CNNVD", id: "CNNVD-202104-993", }, { db: "NVD", id: "CVE-2021-25664", }, ], }, id: "VAR-202104-1830", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "CNVD", id: "CNVD-2021-28696", }, ], trust: 1.1225228600000001, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "ICS", ], sub_category: null, trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2021-28696", }, ], }, last_update_date: "2024-11-23T21:31:54.540000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "Patch for Siemens Nucleus product IPv6 stack denial of service vulnerability (CNVD-2021-28696)", trust: 0.6, url: "https://www.cnvd.org.cn/patchInfo/show/258471", }, { title: "siemens Nucleus Security vulnerabilities", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=147374", }, { title: "Siemens Security Advisories: Siemens Security Advisory", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories&qid=2e667a20dc904cea13ad0154c0461a55", }, ], sources: [ { db: "CNVD", id: "CNVD-2021-28696", }, { db: "VULMON", id: "CVE-2021-25664", }, { db: "CNNVD", id: "CNNVD-202104-993", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-835", trust: 1, }, ], sources: [ { db: "NVD", id: "CVE-2021-25664", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 2.3, url: "https://cert-portal.siemens.com/productcert/pdf/ssa-248289.pdf", }, { trust: 2.3, url: "https://us-cert.cisa.gov/ics/advisories/icsa-21-103-05", }, { trust: 1, url: "https://cert-portal.siemens.com/productcert/html/ssa-248289.html", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2021041363", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2021041414", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2021.1245", }, { trust: 0.6, url: "https://nvd.nist.gov/vuln/detail/cve-2021-25664", }, { trust: 0.1, url: "https://cwe.mitre.org/data/definitions/835.html", }, { trust: 0.1, url: "https://nvd.nist.gov", }, { trust: 0.1, url: "https://cert-portal.siemens.com/productcert/txt/ssa-248289.txt", }, ], sources: [ { db: "CNVD", id: "CNVD-2021-28696", }, { db: "VULMON", id: "CVE-2021-25664", }, { db: "CNNVD", id: "CNNVD-202104-975", }, { db: "CNNVD", id: "CNNVD-202104-993", }, { db: "NVD", id: "CVE-2021-25664", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CNVD", id: "CNVD-2021-28696", }, { db: "VULMON", id: "CVE-2021-25664", }, { db: "CNNVD", id: "CNNVD-202104-975", }, { db: "CNNVD", id: "CNNVD-202104-993", }, { db: "NVD", id: "CVE-2021-25664", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2021-04-15T00:00:00", db: "CNVD", id: "CNVD-2021-28696", }, { date: "2021-04-22T00:00:00", db: "VULMON", id: "CVE-2021-25664", }, { date: "2021-04-13T00:00:00", db: "CNNVD", id: "CNNVD-202104-975", }, { date: "2021-04-13T00:00:00", db: "CNNVD", id: "CNNVD-202104-993", }, { date: "2021-04-22T21:15:09.990000", db: "NVD", id: "CVE-2021-25664", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2021-04-15T00:00:00", db: "CNVD", id: "CNVD-2021-28696", }, { date: "2021-04-30T00:00:00", db: "VULMON", id: "CVE-2021-25664", }, { date: "2021-04-14T00:00:00", db: "CNNVD", id: "CNNVD-202104-975", }, { date: "2021-11-18T00:00:00", db: "CNNVD", id: "CNNVD-202104-993", }, { date: "2024-11-21T05:55:14.957000", db: "NVD", id: "CVE-2021-25664", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-202104-993", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Siemens Nucleus product IPv6 stack denial of service vulnerability (CNVD-2021-28696)", sources: [ { db: "CNVD", id: "CNVD-2021-28696", }, ], trust: 0.6, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "other", sources: [ { db: "CNNVD", id: "CNNVD-202104-975", }, { db: "CNNVD", id: "CNNVD-202104-993", }, ], trust: 1.2, }, }
var-202104-1827
Vulnerability from variot
A vulnerability has been identified in APOGEE PXC Compact (BACnet) (All versions < V3.5.5), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.20), APOGEE PXC Modular (BACnet) (All versions < V3.5.5), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.20), Nucleus NET (All versions < V5.2), Nucleus Source Code (Versions including affected DNS modules), TALON TC Compact (BACnet) (All versions < V3.5.5), TALON TC Modular (BACnet) (All versions < V3.5.5). The DNS domain name record decompression functionality does not properly validate the pointer offset values. The parsing of malformed responses could result in a write past the end of an allocated structure. An attacker with a privileged position in the network could leverage this vulnerability to execute code in the context of the current process or cause a denial-of-service condition. The Nucleus NET module contains a series of standard-compliant network and communication protocols, drivers and utilities to provide full-featured network support in any embedded device.
The Siemens Nucleus product has an out-of-bounds write vulnerability. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202104-1827", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "nucleus net", scope: "lt", trust: 1, vendor: "siemens", version: "5.2", }, { model: "nucleus source code", scope: "eq", trust: 1, vendor: "siemens", version: null, }, { model: "vstar", scope: null, trust: 0.6, vendor: "siemens", version: null, }, { model: "nucleus source code", scope: null, trust: 0.6, vendor: "siemens", version: null, }, { model: "nucleus rtos", scope: null, trust: 0.6, vendor: "siemens", version: null, }, { model: "nucleus net", scope: "lt", trust: 0.6, vendor: "siemens", version: "v5.2", }, ], sources: [ { db: "CNVD", id: "CNVD-2021-28701", }, { db: "NVD", id: "CVE-2020-27009", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Daniel dos Santos, from Forescout Technologies, and Siemens reported these vulnerabilities to CISA.", sources: [ { db: "CNNVD", id: "CNNVD-202104-996", }, ], trust: 0.6, }, cve: "CVE-2020-27009", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", author: "nvd@nist.gov", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", exploitabilityScore: 8.6, id: "CVE-2020-27009", impactScore: 6.4, integrityImpact: "PARTIAL", severity: "MEDIUM", trust: 1.1, vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, { accessComplexity: "HIGH", accessVector: "NETWORK", authentication: "NONE", author: "CNVD", availabilityImpact: "COMPLETE", baseScore: 7.6, confidentialityImpact: "COMPLETE", exploitabilityScore: 4.9, id: "CNVD-2021-28701", impactScore: 10, integrityImpact: "COMPLETE", severity: "HIGH", trust: 0.6, vectorString: "AV:N/AC:H/Au:N/C:C/I:C/A:C", version: "2.0", }, ], cvssV3: [ { attackComplexity: "HIGH", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", exploitabilityScore: 2.2, id: "CVE-2020-27009", impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 2, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2020-27009", trust: 1, value: "HIGH", }, { author: "productcert@siemens.com", id: "CVE-2020-27009", trust: 1, value: "HIGH", }, { author: "CNVD", id: "CNVD-2021-28701", trust: 0.6, value: "HIGH", }, { author: "CNNVD", id: "CNNVD-202104-975", trust: 0.6, value: "MEDIUM", }, { author: "CNNVD", id: "CNNVD-202104-996", trust: 0.6, value: "HIGH", }, { author: "VULMON", id: "CVE-2020-27009", trust: 0.1, value: "MEDIUM", }, ], }, ], sources: [ { db: "CNVD", id: "CNVD-2021-28701", }, { db: "VULMON", id: "CVE-2020-27009", }, { db: "CNNVD", id: "CNNVD-202104-975", }, { db: "CNNVD", id: "CNNVD-202104-996", }, { db: "NVD", id: "CVE-2020-27009", }, { db: "NVD", id: "CVE-2020-27009", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "A vulnerability has been identified in APOGEE PXC Compact (BACnet) (All versions < V3.5.5), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.20), APOGEE PXC Modular (BACnet) (All versions < V3.5.5), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.20), Nucleus NET (All versions < V5.2), Nucleus Source Code (Versions including affected DNS modules), TALON TC Compact (BACnet) (All versions < V3.5.5), TALON TC Modular (BACnet) (All versions < V3.5.5). The DNS domain name record decompression functionality does not properly validate the pointer offset values. The parsing of malformed responses could result in a write past the end of an allocated structure. An attacker with a privileged position in the network could leverage this vulnerability to execute code in the context of the current process or cause a denial-of-service condition. The Nucleus NET module contains a series of standard-compliant network and communication protocols, drivers and utilities to provide full-featured network support in any embedded device. \n\r\n\r\nThe Siemens Nucleus product has an out-of-bounds write vulnerability. Pillow is a Python-based image processing library. \nThere is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements", sources: [ { db: "NVD", id: "CVE-2020-27009", }, { db: "CNVD", id: "CNVD-2021-28701", }, { db: "CNNVD", id: "CNNVD-202104-975", }, { db: "VULMON", id: "CVE-2020-27009", }, ], trust: 2.07, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "SIEMENS", id: "SSA-185699", trust: 2.3, }, { db: "NVD", id: "CVE-2020-27009", trust: 2.3, }, { db: "SIEMENS", id: "SSA-180579", trust: 1, }, { db: "ICS CERT", id: "ICSA-21-103-04", trust: 0.7, }, { db: "CNVD", id: "CNVD-2021-28701", trust: 0.6, }, { db: "CS-HELP", id: "SB2021041363", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-202104-975", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2021.1246", trust: 0.6, }, { db: "CS-HELP", id: "SB2021041409", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-202104-996", trust: 0.6, }, { db: "VULMON", id: "CVE-2020-27009", trust: 0.1, }, ], sources: [ { db: "CNVD", id: "CNVD-2021-28701", }, { db: "VULMON", id: "CVE-2020-27009", }, { db: "CNNVD", id: "CNNVD-202104-975", }, { db: "CNNVD", id: "CNNVD-202104-996", }, { db: "NVD", id: "CVE-2020-27009", }, ], }, id: "VAR-202104-1827", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "CNVD", id: "CNVD-2021-28701", }, ], trust: 1.1225228600000001, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "ICS", ], sub_category: null, trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2021-28701", }, ], }, last_update_date: "2024-11-23T20:33:14.531000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "Patch for Siemens Nucleus product out-of-bounds write vulnerability (CNVD-2021-28701)", trust: 0.6, url: "https://www.cnvd.org.cn/patchInfo/show/258411", }, { title: "Siemens Nucleus Security vulnerabilities", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=147376", }, { title: "Siemens Security Advisories: Siemens Security Advisory", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories&qid=01a7c311af93ac6e3744c16b5c159592", }, { title: "Threatpost", trust: 0.1, url: "https://threatpost.com/namewreck-bugs-businesses/165385/", }, ], sources: [ { db: "CNVD", id: "CNVD-2021-28701", }, { db: "VULMON", id: "CVE-2020-27009", }, { db: "CNNVD", id: "CNNVD-202104-996", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-787", trust: 1, }, { problemtype: "CWE-823", trust: 1, }, ], sources: [ { db: "NVD", id: "CVE-2020-27009", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 2.3, url: "https://cert-portal.siemens.com/productcert/pdf/ssa-185699.pdf", }, { trust: 1.3, url: "https://us-cert.cisa.gov/ics/advisories/icsa-21-103-04", }, { trust: 1, url: "https://cert-portal.siemens.com/productcert/pdf/ssa-180579.pdf", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2021041363", }, { trust: 0.6, url: "https://nvd.nist.gov/vuln/detail/cve-2020-27009", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2021.1246", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2021041409", }, { trust: 0.1, url: "https://cwe.mitre.org/data/definitions/823.html", }, { trust: 0.1, url: "https://nvd.nist.gov", }, { trust: 0.1, url: "https://threatpost.com/namewreck-bugs-businesses/165385/", }, { trust: 0.1, url: "https://cert-portal.siemens.com/productcert/txt/ssa-185699.txt", }, ], sources: [ { db: "CNVD", id: "CNVD-2021-28701", }, { db: "VULMON", id: "CVE-2020-27009", }, { db: "CNNVD", id: "CNNVD-202104-975", }, { db: "CNNVD", id: "CNNVD-202104-996", }, { db: "NVD", id: "CVE-2020-27009", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CNVD", id: "CNVD-2021-28701", }, { db: "VULMON", id: "CVE-2020-27009", }, { db: "CNNVD", id: "CNNVD-202104-975", }, { db: "CNNVD", id: "CNNVD-202104-996", }, { db: "NVD", id: "CVE-2020-27009", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2021-04-15T00:00:00", db: "CNVD", id: "CNVD-2021-28701", }, { date: "2021-04-22T00:00:00", db: "VULMON", id: "CVE-2020-27009", }, { date: "2021-04-13T00:00:00", db: "CNNVD", id: "CNNVD-202104-975", }, { date: "2021-04-13T00:00:00", db: "CNNVD", id: "CNNVD-202104-996", }, { date: "2021-04-22T21:15:09.220000", db: "NVD", id: "CVE-2020-27009", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2021-04-15T00:00:00", db: "CNVD", id: "CNVD-2021-28701", }, { date: "2021-04-30T00:00:00", db: "VULMON", id: "CVE-2020-27009", }, { date: "2021-04-14T00:00:00", db: "CNNVD", id: "CNNVD-202104-975", }, { date: "2022-08-10T00:00:00", db: "CNNVD", id: "CNNVD-202104-996", }, { date: "2024-11-21T05:20:40.473000", db: "NVD", id: "CVE-2020-27009", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-202104-996", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Siemens Nucleus product out-of-bounds write vulnerability (CNVD-2021-28701)", sources: [ { db: "CNVD", id: "CNVD-2021-28701", }, ], trust: 0.6, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "other", sources: [ { db: "CNNVD", id: "CNNVD-202104-975", }, ], trust: 0.6, }, }