All the vulnerabilites related to Siemens - APOGEE MEC (PPC) (BACnet)
cve-2021-31887
Vulnerability from cvelistv5
Published
2021-11-09 11:32
Modified
2024-08-03 23:10
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC) (P2 Ethernet) (All versions), APOGEE MEC (PPC) (BACnet) (All versions), APOGEE MEC (PPC) (P2 Ethernet) (All versions), APOGEE PXC Compact (BACnet) (All versions < V3.5.4), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.19), APOGEE PXC Modular (BACnet) (All versions < V3.5.4), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.19), Desigo PXC00-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC00-U (All versions >= V2.3 and < V6.30.016), Desigo PXC001-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC100-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC12-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC128-U (All versions >= V2.3 and < V6.30.016), Desigo PXC200-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC22-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC22.1-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC36.1-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC50-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC64-U (All versions >= V2.3 and < V6.30.016), Desigo PXM20-E (All versions >= V2.3 and < V6.30.016), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.4), Nucleus Source Code (All versions), TALON TC Compact (BACnet) (All versions < V3.5.4), TALON TC Modular (BACnet) (All versions < V3.5.4). FTP server does not properly validate the length of the “PWD/XPWD” command, leading to stack-based buffer overflows. This may result in Denial-of-Service conditions and Remote Code Execution. (FSMD-2021-0016)
References
| ▼ | URL | Tags |
|---|---|---|
| https://cert-portal.siemens.com/productcert/pdf/ssa-114589.pdf | x_refsource_MISC | |
| https://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | APOGEE MBC (PPC) (BACnet) |
Version: All versions |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T23:10:30.650Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-114589.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "APOGEE MBC (PPC) (BACnet)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"product": "APOGEE MBC (PPC) (P2 Ethernet)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"product": "APOGEE MEC (PPC) (BACnet)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"product": "APOGEE MEC (PPC) (P2 Ethernet)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"product": "APOGEE PXC Compact (BACnet)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.5.4"
}
]
},
{
"product": "APOGEE PXC Compact (P2 Ethernet)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.8.19"
}
]
},
{
"product": "APOGEE PXC Modular (BACnet)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.5.4"
}
]
},
{
"product": "APOGEE PXC Modular (P2 Ethernet)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.8.19"
}
]
},
{
"product": "Desigo PXC00-E.D",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e= V2.3 and \u003c V6.30.016"
}
]
},
{
"product": "Desigo PXC00-U",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e= V2.3 and \u003c V6.30.016"
}
]
},
{
"product": "Desigo PXC001-E.D",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e= V2.3 and \u003c V6.30.016"
}
]
},
{
"product": "Desigo PXC100-E.D",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e= V2.3 and \u003c V6.30.016"
}
]
},
{
"product": "Desigo PXC12-E.D",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e= V2.3 and \u003c V6.30.016"
}
]
},
{
"product": "Desigo PXC128-U",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e= V2.3 and \u003c V6.30.016"
}
]
},
{
"product": "Desigo PXC200-E.D",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e= V2.3 and \u003c V6.30.016"
}
]
},
{
"product": "Desigo PXC22-E.D",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e= V2.3 and \u003c V6.30.016"
}
]
},
{
"product": "Desigo PXC22.1-E.D",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e= V2.3 and \u003c V6.30.016"
}
]
},
{
"product": "Desigo PXC36.1-E.D",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e= V2.3 and \u003c V6.30.016"
}
]
},
{
"product": "Desigo PXC50-E.D",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e= V2.3 and \u003c V6.30.016"
}
]
},
{
"product": "Desigo PXC64-U",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e= V2.3 and \u003c V6.30.016"
}
]
},
{
"product": "Desigo PXM20-E",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e= V2.3 and \u003c V6.30.016"
}
]
},
{
"product": "Nucleus NET",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"product": "Nucleus ReadyStart V3",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2017.02.4"
}
]
},
{
"product": "Nucleus Source Code",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"product": "TALON TC Compact (BACnet)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.5.4"
}
]
},
{
"product": "TALON TC Modular (BACnet)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.5.4"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC) (P2 Ethernet) (All versions), APOGEE MEC (PPC) (BACnet) (All versions), APOGEE MEC (PPC) (P2 Ethernet) (All versions), APOGEE PXC Compact (BACnet) (All versions \u003c V3.5.4), APOGEE PXC Compact (P2 Ethernet) (All versions \u003c V2.8.19), APOGEE PXC Modular (BACnet) (All versions \u003c V3.5.4), APOGEE PXC Modular (P2 Ethernet) (All versions \u003c V2.8.19), Desigo PXC00-E.D (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC00-U (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC001-E.D (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC100-E.D (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC12-E.D (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC128-U (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC200-E.D (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC22-E.D (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC22.1-E.D (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC36.1-E.D (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC50-E.D (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC64-U (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXM20-E (All versions \u003e= V2.3 and \u003c V6.30.016), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions \u003c V2017.02.4), Nucleus Source Code (All versions), TALON TC Compact (BACnet) (All versions \u003c V3.5.4), TALON TC Modular (BACnet) (All versions \u003c V3.5.4). FTP server does not properly validate the length of the \u201cPWD/XPWD\u201d command, leading to stack-based buffer overflows. This may result in Denial-of-Service conditions and Remote Code Execution. (FSMD-2021-0016)"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-170",
"description": "CWE-170: Improper Null Termination",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-10T09:46:36",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-114589.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2021-31887",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "APOGEE MBC (PPC) (BACnet)",
"version": {
"version_data": [
{
"version_value": "All versions"
}
]
}
},
{
"product_name": "APOGEE MBC (PPC) (P2 Ethernet)",
"version": {
"version_data": [
{
"version_value": "All versions"
}
]
}
},
{
"product_name": "APOGEE MEC (PPC) (BACnet)",
"version": {
"version_data": [
{
"version_value": "All versions"
}
]
}
},
{
"product_name": "APOGEE MEC (PPC) (P2 Ethernet)",
"version": {
"version_data": [
{
"version_value": "All versions"
}
]
}
},
{
"product_name": "APOGEE PXC Compact (BACnet)",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V3.5.4"
}
]
}
},
{
"product_name": "APOGEE PXC Compact (P2 Ethernet)",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V2.8.19"
}
]
}
},
{
"product_name": "APOGEE PXC Modular (BACnet)",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V3.5.4"
}
]
}
},
{
"product_name": "APOGEE PXC Modular (P2 Ethernet)",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V2.8.19"
}
]
}
},
{
"product_name": "Desigo PXC00-E.D",
"version": {
"version_data": [
{
"version_value": "All versions \u003e= V2.3 and \u003c V6.30.016"
}
]
}
},
{
"product_name": "Desigo PXC00-U",
"version": {
"version_data": [
{
"version_value": "All versions \u003e= V2.3 and \u003c V6.30.016"
}
]
}
},
{
"product_name": "Desigo PXC001-E.D",
"version": {
"version_data": [
{
"version_value": "All versions \u003e= V2.3 and \u003c V6.30.016"
}
]
}
},
{
"product_name": "Desigo PXC100-E.D",
"version": {
"version_data": [
{
"version_value": "All versions \u003e= V2.3 and \u003c V6.30.016"
}
]
}
},
{
"product_name": "Desigo PXC12-E.D",
"version": {
"version_data": [
{
"version_value": "All versions \u003e= V2.3 and \u003c V6.30.016"
}
]
}
},
{
"product_name": "Desigo PXC128-U",
"version": {
"version_data": [
{
"version_value": "All versions \u003e= V2.3 and \u003c V6.30.016"
}
]
}
},
{
"product_name": "Desigo PXC200-E.D",
"version": {
"version_data": [
{
"version_value": "All versions \u003e= V2.3 and \u003c V6.30.016"
}
]
}
},
{
"product_name": "Desigo PXC22-E.D",
"version": {
"version_data": [
{
"version_value": "All versions \u003e= V2.3 and \u003c V6.30.016"
}
]
}
},
{
"product_name": "Desigo PXC22.1-E.D",
"version": {
"version_data": [
{
"version_value": "All versions \u003e= V2.3 and \u003c V6.30.016"
}
]
}
},
{
"product_name": "Desigo PXC36.1-E.D",
"version": {
"version_data": [
{
"version_value": "All versions \u003e= V2.3 and \u003c V6.30.016"
}
]
}
},
{
"product_name": "Desigo PXC50-E.D",
"version": {
"version_data": [
{
"version_value": "All versions \u003e= V2.3 and \u003c V6.30.016"
}
]
}
},
{
"product_name": "Desigo PXC64-U",
"version": {
"version_data": [
{
"version_value": "All versions \u003e= V2.3 and \u003c V6.30.016"
}
]
}
},
{
"product_name": "Desigo PXM20-E",
"version": {
"version_data": [
{
"version_value": "All versions \u003e= V2.3 and \u003c V6.30.016"
}
]
}
},
{
"product_name": "Nucleus NET",
"version": {
"version_data": [
{
"version_value": "All versions"
}
]
}
},
{
"product_name": "Nucleus ReadyStart V3",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V2017.02.4"
}
]
}
},
{
"product_name": "Nucleus Source Code",
"version": {
"version_data": [
{
"version_value": "All versions"
}
]
}
},
{
"product_name": "TALON TC Compact (BACnet)",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V3.5.4"
}
]
}
},
{
"product_name": "TALON TC Modular (BACnet)",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V3.5.4"
}
]
}
}
]
},
"vendor_name": "Siemens"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC) (P2 Ethernet) (All versions), APOGEE MEC (PPC) (BACnet) (All versions), APOGEE MEC (PPC) (P2 Ethernet) (All versions), APOGEE PXC Compact (BACnet) (All versions \u003c V3.5.4), APOGEE PXC Compact (P2 Ethernet) (All versions \u003c V2.8.19), APOGEE PXC Modular (BACnet) (All versions \u003c V3.5.4), APOGEE PXC Modular (P2 Ethernet) (All versions \u003c V2.8.19), Desigo PXC00-E.D (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC00-U (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC001-E.D (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC100-E.D (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC12-E.D (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC128-U (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC200-E.D (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC22-E.D (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC22.1-E.D (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC36.1-E.D (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC50-E.D (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC64-U (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXM20-E (All versions \u003e= V2.3 and \u003c V6.30.016), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions \u003c V2017.02.4), Nucleus Source Code (All versions), TALON TC Compact (BACnet) (All versions \u003c V3.5.4), TALON TC Modular (BACnet) (All versions \u003c V3.5.4). FTP server does not properly validate the length of the \u201cPWD/XPWD\u201d command, leading to stack-based buffer overflows. This may result in Denial-of-Service conditions and Remote Code Execution. (FSMD-2021-0016)"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-170: Improper Null Termination"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-114589.pdf",
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-114589.pdf"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf",
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2021-31887",
"datePublished": "2021-11-09T11:32:00",
"dateReserved": "2021-04-29T00:00:00",
"dateUpdated": "2024-08-03T23:10:30.650Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-38371
Vulnerability from cvelistv5
Published
2022-10-11 00:00
Modified
2024-09-17 13:53
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC) (P2 Ethernet) (All versions), APOGEE MEC (PPC) (BACnet) (All versions), APOGEE MEC (PPC) (P2 Ethernet) (All versions), APOGEE PXC Compact (BACnet) (All versions < V3.5.7), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.21), APOGEE PXC Modular (BACnet) (All versions < V3.5.7), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.21), Desigo PXC00-E.D (All versions >= V2.3), Desigo PXC00-U (All versions >= V2.3), Desigo PXC001-E.D (All versions >= V2.3), Desigo PXC100-E.D (All versions >= V2.3), Desigo PXC12-E.D (All versions >= V2.3), Desigo PXC128-U (All versions >= V2.3), Desigo PXC200-E.D (All versions >= V2.3), Desigo PXC22-E.D (All versions >= V2.3), Desigo PXC22.1-E.D (All versions >= V2.3), Desigo PXC36.1-E.D (All versions >= V2.3), Desigo PXC50-E.D (All versions >= V2.3), Desigo PXC64-U (All versions >= V2.3), Desigo PXM20-E (All versions >= V2.3), Nucleus NET for Nucleus PLUS V1 (All versions < V5.2a), Nucleus NET for Nucleus PLUS V2 (All versions < V5.4), Nucleus ReadyStart V3 V2012 (All versions < V2012.08.1), Nucleus ReadyStart V3 V2017 (All versions < V2017.02.4), Nucleus Source Code (All versions including affected FTP server), TALON TC Compact (BACnet) (All versions < V3.5.7), TALON TC Modular (BACnet) (All versions < V3.5.7). The FTP server does not properly release memory resources that were reserved for incomplete connection attempts by FTP clients. This could allow a remote attacker to generate a denial of service condition on devices that incorporate a vulnerable version of the FTP server.
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T10:54:03.448Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-313313.pdf"
},
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-935500.pdf"
},
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-935500.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-313313.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-38371",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-07T18:15:00.675232Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-17T13:53:27.567Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "APOGEE MBC (PPC) (BACnet)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "APOGEE MBC (PPC) (P2 Ethernet)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "APOGEE MEC (PPC) (BACnet)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "APOGEE MEC (PPC) (P2 Ethernet)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "APOGEE PXC Compact (BACnet)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.5.7",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "APOGEE PXC Compact (P2 Ethernet)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.8.21",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "APOGEE PXC Modular (BACnet)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.5.7",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "APOGEE PXC Modular (P2 Ethernet)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.8.21",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "Desigo PXC00-E.D",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "V2.3",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "Desigo PXC00-U",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e= V2.3"
}
]
},
{
"defaultStatus": "unknown",
"product": "Desigo PXC001-E.D",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "V2.3",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "Desigo PXC100-E.D",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e= V2.3"
}
]
},
{
"defaultStatus": "unknown",
"product": "Desigo PXC12-E.D",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "V2.3",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "Desigo PXC128-U",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e= V2.3"
}
]
},
{
"defaultStatus": "unknown",
"product": "Desigo PXC200-E.D",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e= V2.3"
}
]
},
{
"defaultStatus": "unknown",
"product": "Desigo PXC22-E.D",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e= V2.3"
}
]
},
{
"defaultStatus": "unknown",
"product": "Desigo PXC22.1-E.D",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e= V2.3"
}
]
},
{
"defaultStatus": "unknown",
"product": "Desigo PXC36.1-E.D",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e= V2.3"
}
]
},
{
"defaultStatus": "unknown",
"product": "Desigo PXC50-E.D",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e= V2.3"
}
]
},
{
"defaultStatus": "unknown",
"product": "Desigo PXC64-U",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e= V2.3"
}
]
},
{
"defaultStatus": "unknown",
"product": "Desigo PXM20-E",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "V2.3",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "Nucleus NET for Nucleus PLUS V1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V5.2a"
}
]
},
{
"defaultStatus": "unknown",
"product": "Nucleus NET for Nucleus PLUS V2",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V5.4"
}
]
},
{
"defaultStatus": "unknown",
"product": "Nucleus ReadyStart V3 V2012",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2012.08.1"
}
]
},
{
"defaultStatus": "unknown",
"product": "Nucleus ReadyStart V3 V2017",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2017.02.4"
}
]
},
{
"defaultStatus": "unknown",
"product": "Nucleus Source Code",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "TALON TC Compact (BACnet)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.5.7",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "TALON TC Modular (BACnet)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.5.7",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC) (P2 Ethernet) (All versions), APOGEE MEC (PPC) (BACnet) (All versions), APOGEE MEC (PPC) (P2 Ethernet) (All versions), APOGEE PXC Compact (BACnet) (All versions \u003c V3.5.7), APOGEE PXC Compact (P2 Ethernet) (All versions \u003c V2.8.21), APOGEE PXC Modular (BACnet) (All versions \u003c V3.5.7), APOGEE PXC Modular (P2 Ethernet) (All versions \u003c V2.8.21), Desigo PXC00-E.D (All versions \u003e= V2.3), Desigo PXC00-U (All versions \u003e= V2.3), Desigo PXC001-E.D (All versions \u003e= V2.3), Desigo PXC100-E.D (All versions \u003e= V2.3), Desigo PXC12-E.D (All versions \u003e= V2.3), Desigo PXC128-U (All versions \u003e= V2.3), Desigo PXC200-E.D (All versions \u003e= V2.3), Desigo PXC22-E.D (All versions \u003e= V2.3), Desigo PXC22.1-E.D (All versions \u003e= V2.3), Desigo PXC36.1-E.D (All versions \u003e= V2.3), Desigo PXC50-E.D (All versions \u003e= V2.3), Desigo PXC64-U (All versions \u003e= V2.3), Desigo PXM20-E (All versions \u003e= V2.3), Nucleus NET for Nucleus PLUS V1 (All versions \u003c V5.2a), Nucleus NET for Nucleus PLUS V2 (All versions \u003c V5.4), Nucleus ReadyStart V3 V2012 (All versions \u003c V2012.08.1), Nucleus ReadyStart V3 V2017 (All versions \u003c V2017.02.4), Nucleus Source Code (All versions including affected FTP server), TALON TC Compact (BACnet) (All versions \u003c V3.5.7), TALON TC Modular (BACnet) (All versions \u003c V3.5.7). The FTP server does not properly release memory resources that were reserved for incomplete connection attempts by FTP clients. This could allow a remote attacker to generate a denial of service condition on devices that incorporate a vulnerable version of the FTP server."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400: Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-15T07:23:31.390Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-313313.pdf"
},
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-935500.pdf"
},
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-935500.html"
},
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-313313.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2022-38371",
"datePublished": "2022-10-11T00:00:00",
"dateReserved": "2022-08-16T00:00:00",
"dateUpdated": "2024-09-17T13:53:27.567Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-31884
Vulnerability from cvelistv5
Published
2021-11-09 11:31
Modified
2024-08-03 23:10
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC) (P2 Ethernet) (All versions), APOGEE MEC (PPC) (BACnet) (All versions), APOGEE MEC (PPC) (P2 Ethernet) (All versions), APOGEE PXC Compact (BACnet) (All versions < V3.5.4), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.19), APOGEE PXC Modular (BACnet) (All versions < V3.5.4), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.19), Capital VSTAR (All versions with enabled Ethernet options), Desigo PXC00-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC00-U (All versions >= V2.3 and < V6.30.016), Desigo PXC001-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC100-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC12-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC128-U (All versions >= V2.3 and < V6.30.016), Desigo PXC200-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC22-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC22.1-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC36.1-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC50-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC64-U (All versions >= V2.3 and < V6.30.016), Desigo PXM20-E (All versions >= V2.3 and < V6.30.016), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.4), Nucleus Source Code (All versions), TALON TC Compact (BACnet) (All versions < V3.5.4), TALON TC Modular (BACnet) (All versions < V3.5.4). The DHCP client application assumes that the data supplied with the “Hostname” DHCP option is NULL terminated. In cases when global hostname variable is not defined, this may lead to Out-of-bound reads, writes, and Denial-of-service conditions. (FSMD-2021-0014)
References
| ▼ | URL | Tags |
|---|---|---|
| https://cert-portal.siemens.com/productcert/pdf/ssa-114589.pdf | x_refsource_MISC | |
| https://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf | x_refsource_MISC | |
| https://cert-portal.siemens.com/productcert/pdf/ssa-620288.pdf | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | APOGEE MBC (PPC) (BACnet) |
Version: All versions |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T23:10:30.775Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-114589.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-620288.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "APOGEE MBC (PPC) (BACnet)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"product": "APOGEE MBC (PPC) (P2 Ethernet)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"product": "APOGEE MEC (PPC) (BACnet)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"product": "APOGEE MEC (PPC) (P2 Ethernet)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"product": "APOGEE PXC Compact (BACnet)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.5.4"
}
]
},
{
"product": "APOGEE PXC Compact (P2 Ethernet)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.8.19"
}
]
},
{
"product": "APOGEE PXC Modular (BACnet)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.5.4"
}
]
},
{
"product": "APOGEE PXC Modular (P2 Ethernet)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.8.19"
}
]
},
{
"product": "Capital VSTAR",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions with enabled Ethernet options"
}
]
},
{
"product": "Desigo PXC00-E.D",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e= V2.3 and \u003c V6.30.016"
}
]
},
{
"product": "Desigo PXC00-U",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e= V2.3 and \u003c V6.30.016"
}
]
},
{
"product": "Desigo PXC001-E.D",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e= V2.3 and \u003c V6.30.016"
}
]
},
{
"product": "Desigo PXC100-E.D",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e= V2.3 and \u003c V6.30.016"
}
]
},
{
"product": "Desigo PXC12-E.D",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e= V2.3 and \u003c V6.30.016"
}
]
},
{
"product": "Desigo PXC128-U",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e= V2.3 and \u003c V6.30.016"
}
]
},
{
"product": "Desigo PXC200-E.D",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e= V2.3 and \u003c V6.30.016"
}
]
},
{
"product": "Desigo PXC22-E.D",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e= V2.3 and \u003c V6.30.016"
}
]
},
{
"product": "Desigo PXC22.1-E.D",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e= V2.3 and \u003c V6.30.016"
}
]
},
{
"product": "Desigo PXC36.1-E.D",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e= V2.3 and \u003c V6.30.016"
}
]
},
{
"product": "Desigo PXC50-E.D",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e= V2.3 and \u003c V6.30.016"
}
]
},
{
"product": "Desigo PXC64-U",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e= V2.3 and \u003c V6.30.016"
}
]
},
{
"product": "Desigo PXM20-E",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e= V2.3 and \u003c V6.30.016"
}
]
},
{
"product": "Nucleus NET",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"product": "Nucleus ReadyStart V3",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2017.02.4"
}
]
},
{
"product": "Nucleus Source Code",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"product": "TALON TC Compact (BACnet)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.5.4"
}
]
},
{
"product": "TALON TC Modular (BACnet)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.5.4"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC) (P2 Ethernet) (All versions), APOGEE MEC (PPC) (BACnet) (All versions), APOGEE MEC (PPC) (P2 Ethernet) (All versions), APOGEE PXC Compact (BACnet) (All versions \u003c V3.5.4), APOGEE PXC Compact (P2 Ethernet) (All versions \u003c V2.8.19), APOGEE PXC Modular (BACnet) (All versions \u003c V3.5.4), APOGEE PXC Modular (P2 Ethernet) (All versions \u003c V2.8.19), Capital VSTAR (All versions with enabled Ethernet options), Desigo PXC00-E.D (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC00-U (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC001-E.D (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC100-E.D (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC12-E.D (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC128-U (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC200-E.D (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC22-E.D (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC22.1-E.D (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC36.1-E.D (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC50-E.D (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC64-U (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXM20-E (All versions \u003e= V2.3 and \u003c V6.30.016), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions \u003c V2017.02.4), Nucleus Source Code (All versions), TALON TC Compact (BACnet) (All versions \u003c V3.5.4), TALON TC Modular (BACnet) (All versions \u003c V3.5.4). The DHCP client application assumes that the data supplied with the \u201cHostname\u201d DHCP option is NULL terminated. In cases when global hostname variable is not defined, this may lead to Out-of-bound reads, writes, and Denial-of-service conditions. (FSMD-2021-0014)"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-170",
"description": "CWE-170: Improper Null Termination",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-10T09:46:33",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-114589.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-620288.pdf"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2021-31884",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "APOGEE MBC (PPC) (BACnet)",
"version": {
"version_data": [
{
"version_value": "All versions"
}
]
}
},
{
"product_name": "APOGEE MBC (PPC) (P2 Ethernet)",
"version": {
"version_data": [
{
"version_value": "All versions"
}
]
}
},
{
"product_name": "APOGEE MEC (PPC) (BACnet)",
"version": {
"version_data": [
{
"version_value": "All versions"
}
]
}
},
{
"product_name": "APOGEE MEC (PPC) (P2 Ethernet)",
"version": {
"version_data": [
{
"version_value": "All versions"
}
]
}
},
{
"product_name": "APOGEE PXC Compact (BACnet)",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V3.5.4"
}
]
}
},
{
"product_name": "APOGEE PXC Compact (P2 Ethernet)",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V2.8.19"
}
]
}
},
{
"product_name": "APOGEE PXC Modular (BACnet)",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V3.5.4"
}
]
}
},
{
"product_name": "APOGEE PXC Modular (P2 Ethernet)",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V2.8.19"
}
]
}
},
{
"product_name": "Capital VSTAR",
"version": {
"version_data": [
{
"version_value": "All versions with enabled Ethernet options"
}
]
}
},
{
"product_name": "Desigo PXC00-E.D",
"version": {
"version_data": [
{
"version_value": "All versions \u003e= V2.3 and \u003c V6.30.016"
}
]
}
},
{
"product_name": "Desigo PXC00-U",
"version": {
"version_data": [
{
"version_value": "All versions \u003e= V2.3 and \u003c V6.30.016"
}
]
}
},
{
"product_name": "Desigo PXC001-E.D",
"version": {
"version_data": [
{
"version_value": "All versions \u003e= V2.3 and \u003c V6.30.016"
}
]
}
},
{
"product_name": "Desigo PXC100-E.D",
"version": {
"version_data": [
{
"version_value": "All versions \u003e= V2.3 and \u003c V6.30.016"
}
]
}
},
{
"product_name": "Desigo PXC12-E.D",
"version": {
"version_data": [
{
"version_value": "All versions \u003e= V2.3 and \u003c V6.30.016"
}
]
}
},
{
"product_name": "Desigo PXC128-U",
"version": {
"version_data": [
{
"version_value": "All versions \u003e= V2.3 and \u003c V6.30.016"
}
]
}
},
{
"product_name": "Desigo PXC200-E.D",
"version": {
"version_data": [
{
"version_value": "All versions \u003e= V2.3 and \u003c V6.30.016"
}
]
}
},
{
"product_name": "Desigo PXC22-E.D",
"version": {
"version_data": [
{
"version_value": "All versions \u003e= V2.3 and \u003c V6.30.016"
}
]
}
},
{
"product_name": "Desigo PXC22.1-E.D",
"version": {
"version_data": [
{
"version_value": "All versions \u003e= V2.3 and \u003c V6.30.016"
}
]
}
},
{
"product_name": "Desigo PXC36.1-E.D",
"version": {
"version_data": [
{
"version_value": "All versions \u003e= V2.3 and \u003c V6.30.016"
}
]
}
},
{
"product_name": "Desigo PXC50-E.D",
"version": {
"version_data": [
{
"version_value": "All versions \u003e= V2.3 and \u003c V6.30.016"
}
]
}
},
{
"product_name": "Desigo PXC64-U",
"version": {
"version_data": [
{
"version_value": "All versions \u003e= V2.3 and \u003c V6.30.016"
}
]
}
},
{
"product_name": "Desigo PXM20-E",
"version": {
"version_data": [
{
"version_value": "All versions \u003e= V2.3 and \u003c V6.30.016"
}
]
}
},
{
"product_name": "Nucleus NET",
"version": {
"version_data": [
{
"version_value": "All versions"
}
]
}
},
{
"product_name": "Nucleus ReadyStart V3",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V2017.02.4"
}
]
}
},
{
"product_name": "Nucleus Source Code",
"version": {
"version_data": [
{
"version_value": "All versions"
}
]
}
},
{
"product_name": "TALON TC Compact (BACnet)",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V3.5.4"
}
]
}
},
{
"product_name": "TALON TC Modular (BACnet)",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V3.5.4"
}
]
}
}
]
},
"vendor_name": "Siemens"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC) (P2 Ethernet) (All versions), APOGEE MEC (PPC) (BACnet) (All versions), APOGEE MEC (PPC) (P2 Ethernet) (All versions), APOGEE PXC Compact (BACnet) (All versions \u003c V3.5.4), APOGEE PXC Compact (P2 Ethernet) (All versions \u003c V2.8.19), APOGEE PXC Modular (BACnet) (All versions \u003c V3.5.4), APOGEE PXC Modular (P2 Ethernet) (All versions \u003c V2.8.19), Capital VSTAR (All versions with enabled Ethernet options), Desigo PXC00-E.D (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC00-U (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC001-E.D (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC100-E.D (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC12-E.D (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC128-U (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC200-E.D (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC22-E.D (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC22.1-E.D (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC36.1-E.D (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC50-E.D (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC64-U (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXM20-E (All versions \u003e= V2.3 and \u003c V6.30.016), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions \u003c V2017.02.4), Nucleus Source Code (All versions), TALON TC Compact (BACnet) (All versions \u003c V3.5.4), TALON TC Modular (BACnet) (All versions \u003c V3.5.4). The DHCP client application assumes that the data supplied with the \u201cHostname\u201d DHCP option is NULL terminated. In cases when global hostname variable is not defined, this may lead to Out-of-bound reads, writes, and Denial-of-service conditions. (FSMD-2021-0014)"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-170: Improper Null Termination"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-114589.pdf",
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-114589.pdf"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf",
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-620288.pdf",
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-620288.pdf"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2021-31884",
"datePublished": "2021-11-09T11:31:57",
"dateReserved": "2021-04-29T00:00:00",
"dateUpdated": "2024-08-03T23:10:30.775Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-31886
Vulnerability from cvelistv5
Published
2021-11-09 11:31
Modified
2024-08-03 23:10
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC) (P2 Ethernet) (All versions), APOGEE MEC (PPC) (BACnet) (All versions), APOGEE MEC (PPC) (P2 Ethernet) (All versions), APOGEE PXC Compact (BACnet) (All versions < V3.5.4), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.19), APOGEE PXC Modular (BACnet) (All versions < V3.5.4), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.19), Desigo PXC00-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC00-U (All versions >= V2.3 and < V6.30.016), Desigo PXC001-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC100-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC12-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC128-U (All versions >= V2.3 and < V6.30.016), Desigo PXC200-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC22-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC22.1-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC36.1-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC50-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC64-U (All versions >= V2.3 and < V6.30.016), Desigo PXM20-E (All versions >= V2.3 and < V6.30.016), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.4), Nucleus Source Code (All versions), TALON TC Compact (BACnet) (All versions < V3.5.4), TALON TC Modular (BACnet) (All versions < V3.5.4). FTP server does not properly validate the length of the “USER” command, leading to stack-based buffer overflows. This may result in Denial-of-Service conditions and Remote Code Execution. (FSMD-2021-0010)
References
| ▼ | URL | Tags |
|---|---|---|
| https://cert-portal.siemens.com/productcert/pdf/ssa-114589.pdf | x_refsource_MISC | |
| https://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | APOGEE MBC (PPC) (BACnet) |
Version: All versions |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T23:10:30.838Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-114589.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "APOGEE MBC (PPC) (BACnet)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"product": "APOGEE MBC (PPC) (P2 Ethernet)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"product": "APOGEE MEC (PPC) (BACnet)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"product": "APOGEE MEC (PPC) (P2 Ethernet)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"product": "APOGEE PXC Compact (BACnet)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.5.4"
}
]
},
{
"product": "APOGEE PXC Compact (P2 Ethernet)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.8.19"
}
]
},
{
"product": "APOGEE PXC Modular (BACnet)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.5.4"
}
]
},
{
"product": "APOGEE PXC Modular (P2 Ethernet)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.8.19"
}
]
},
{
"product": "Desigo PXC00-E.D",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e= V2.3 and \u003c V6.30.016"
}
]
},
{
"product": "Desigo PXC00-U",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e= V2.3 and \u003c V6.30.016"
}
]
},
{
"product": "Desigo PXC001-E.D",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e= V2.3 and \u003c V6.30.016"
}
]
},
{
"product": "Desigo PXC100-E.D",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e= V2.3 and \u003c V6.30.016"
}
]
},
{
"product": "Desigo PXC12-E.D",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e= V2.3 and \u003c V6.30.016"
}
]
},
{
"product": "Desigo PXC128-U",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e= V2.3 and \u003c V6.30.016"
}
]
},
{
"product": "Desigo PXC200-E.D",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e= V2.3 and \u003c V6.30.016"
}
]
},
{
"product": "Desigo PXC22-E.D",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e= V2.3 and \u003c V6.30.016"
}
]
},
{
"product": "Desigo PXC22.1-E.D",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e= V2.3 and \u003c V6.30.016"
}
]
},
{
"product": "Desigo PXC36.1-E.D",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e= V2.3 and \u003c V6.30.016"
}
]
},
{
"product": "Desigo PXC50-E.D",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e= V2.3 and \u003c V6.30.016"
}
]
},
{
"product": "Desigo PXC64-U",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e= V2.3 and \u003c V6.30.016"
}
]
},
{
"product": "Desigo PXM20-E",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e= V2.3 and \u003c V6.30.016"
}
]
},
{
"product": "Nucleus NET",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"product": "Nucleus ReadyStart V3",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2017.02.4"
}
]
},
{
"product": "Nucleus Source Code",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"product": "TALON TC Compact (BACnet)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.5.4"
}
]
},
{
"product": "TALON TC Modular (BACnet)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.5.4"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC) (P2 Ethernet) (All versions), APOGEE MEC (PPC) (BACnet) (All versions), APOGEE MEC (PPC) (P2 Ethernet) (All versions), APOGEE PXC Compact (BACnet) (All versions \u003c V3.5.4), APOGEE PXC Compact (P2 Ethernet) (All versions \u003c V2.8.19), APOGEE PXC Modular (BACnet) (All versions \u003c V3.5.4), APOGEE PXC Modular (P2 Ethernet) (All versions \u003c V2.8.19), Desigo PXC00-E.D (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC00-U (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC001-E.D (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC100-E.D (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC12-E.D (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC128-U (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC200-E.D (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC22-E.D (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC22.1-E.D (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC36.1-E.D (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC50-E.D (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC64-U (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXM20-E (All versions \u003e= V2.3 and \u003c V6.30.016), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions \u003c V2017.02.4), Nucleus Source Code (All versions), TALON TC Compact (BACnet) (All versions \u003c V3.5.4), TALON TC Modular (BACnet) (All versions \u003c V3.5.4). FTP server does not properly validate the length of the \u201cUSER\u201d command, leading to stack-based buffer overflows. This may result in Denial-of-Service conditions and Remote Code Execution. (FSMD-2021-0010)"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-170",
"description": "CWE-170: Improper Null Termination",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-10T09:46:35",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-114589.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2021-31886",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "APOGEE MBC (PPC) (BACnet)",
"version": {
"version_data": [
{
"version_value": "All versions"
}
]
}
},
{
"product_name": "APOGEE MBC (PPC) (P2 Ethernet)",
"version": {
"version_data": [
{
"version_value": "All versions"
}
]
}
},
{
"product_name": "APOGEE MEC (PPC) (BACnet)",
"version": {
"version_data": [
{
"version_value": "All versions"
}
]
}
},
{
"product_name": "APOGEE MEC (PPC) (P2 Ethernet)",
"version": {
"version_data": [
{
"version_value": "All versions"
}
]
}
},
{
"product_name": "APOGEE PXC Compact (BACnet)",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V3.5.4"
}
]
}
},
{
"product_name": "APOGEE PXC Compact (P2 Ethernet)",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V2.8.19"
}
]
}
},
{
"product_name": "APOGEE PXC Modular (BACnet)",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V3.5.4"
}
]
}
},
{
"product_name": "APOGEE PXC Modular (P2 Ethernet)",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V2.8.19"
}
]
}
},
{
"product_name": "Desigo PXC00-E.D",
"version": {
"version_data": [
{
"version_value": "All versions \u003e= V2.3 and \u003c V6.30.016"
}
]
}
},
{
"product_name": "Desigo PXC00-U",
"version": {
"version_data": [
{
"version_value": "All versions \u003e= V2.3 and \u003c V6.30.016"
}
]
}
},
{
"product_name": "Desigo PXC001-E.D",
"version": {
"version_data": [
{
"version_value": "All versions \u003e= V2.3 and \u003c V6.30.016"
}
]
}
},
{
"product_name": "Desigo PXC100-E.D",
"version": {
"version_data": [
{
"version_value": "All versions \u003e= V2.3 and \u003c V6.30.016"
}
]
}
},
{
"product_name": "Desigo PXC12-E.D",
"version": {
"version_data": [
{
"version_value": "All versions \u003e= V2.3 and \u003c V6.30.016"
}
]
}
},
{
"product_name": "Desigo PXC128-U",
"version": {
"version_data": [
{
"version_value": "All versions \u003e= V2.3 and \u003c V6.30.016"
}
]
}
},
{
"product_name": "Desigo PXC200-E.D",
"version": {
"version_data": [
{
"version_value": "All versions \u003e= V2.3 and \u003c V6.30.016"
}
]
}
},
{
"product_name": "Desigo PXC22-E.D",
"version": {
"version_data": [
{
"version_value": "All versions \u003e= V2.3 and \u003c V6.30.016"
}
]
}
},
{
"product_name": "Desigo PXC22.1-E.D",
"version": {
"version_data": [
{
"version_value": "All versions \u003e= V2.3 and \u003c V6.30.016"
}
]
}
},
{
"product_name": "Desigo PXC36.1-E.D",
"version": {
"version_data": [
{
"version_value": "All versions \u003e= V2.3 and \u003c V6.30.016"
}
]
}
},
{
"product_name": "Desigo PXC50-E.D",
"version": {
"version_data": [
{
"version_value": "All versions \u003e= V2.3 and \u003c V6.30.016"
}
]
}
},
{
"product_name": "Desigo PXC64-U",
"version": {
"version_data": [
{
"version_value": "All versions \u003e= V2.3 and \u003c V6.30.016"
}
]
}
},
{
"product_name": "Desigo PXM20-E",
"version": {
"version_data": [
{
"version_value": "All versions \u003e= V2.3 and \u003c V6.30.016"
}
]
}
},
{
"product_name": "Nucleus NET",
"version": {
"version_data": [
{
"version_value": "All versions"
}
]
}
},
{
"product_name": "Nucleus ReadyStart V3",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V2017.02.4"
}
]
}
},
{
"product_name": "Nucleus Source Code",
"version": {
"version_data": [
{
"version_value": "All versions"
}
]
}
},
{
"product_name": "TALON TC Compact (BACnet)",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V3.5.4"
}
]
}
},
{
"product_name": "TALON TC Modular (BACnet)",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V3.5.4"
}
]
}
}
]
},
"vendor_name": "Siemens"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC) (P2 Ethernet) (All versions), APOGEE MEC (PPC) (BACnet) (All versions), APOGEE MEC (PPC) (P2 Ethernet) (All versions), APOGEE PXC Compact (BACnet) (All versions \u003c V3.5.4), APOGEE PXC Compact (P2 Ethernet) (All versions \u003c V2.8.19), APOGEE PXC Modular (BACnet) (All versions \u003c V3.5.4), APOGEE PXC Modular (P2 Ethernet) (All versions \u003c V2.8.19), Desigo PXC00-E.D (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC00-U (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC001-E.D (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC100-E.D (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC12-E.D (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC128-U (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC200-E.D (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC22-E.D (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC22.1-E.D (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC36.1-E.D (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC50-E.D (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC64-U (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXM20-E (All versions \u003e= V2.3 and \u003c V6.30.016), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions \u003c V2017.02.4), Nucleus Source Code (All versions), TALON TC Compact (BACnet) (All versions \u003c V3.5.4), TALON TC Modular (BACnet) (All versions \u003c V3.5.4). FTP server does not properly validate the length of the \u201cUSER\u201d command, leading to stack-based buffer overflows. This may result in Denial-of-Service conditions and Remote Code Execution. (FSMD-2021-0010)"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-170: Improper Null Termination"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-114589.pdf",
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-114589.pdf"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf",
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2021-31886",
"datePublished": "2021-11-09T11:31:59",
"dateReserved": "2021-04-29T00:00:00",
"dateUpdated": "2024-08-03T23:10:30.838Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-31888
Vulnerability from cvelistv5
Published
2021-11-09 11:32
Modified
2024-08-03 23:10
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC) (P2 Ethernet) (All versions), APOGEE MEC (PPC) (BACnet) (All versions), APOGEE MEC (PPC) (P2 Ethernet) (All versions), APOGEE PXC Compact (BACnet) (All versions < V3.5.4), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.19), APOGEE PXC Modular (BACnet) (All versions < V3.5.4), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.19), Desigo PXC00-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC00-U (All versions >= V2.3 and < V6.30.016), Desigo PXC001-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC100-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC12-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC128-U (All versions >= V2.3 and < V6.30.016), Desigo PXC200-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC22-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC22.1-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC36.1-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC50-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC64-U (All versions >= V2.3 and < V6.30.016), Desigo PXM20-E (All versions >= V2.3 and < V6.30.016), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.4), Nucleus Source Code (All versions), TALON TC Compact (BACnet) (All versions < V3.5.4), TALON TC Modular (BACnet) (All versions < V3.5.4). FTP server does not properly validate the length of the “MKD/XMKD” command, leading to stack-based buffer overflows. This may result in Denial-of-Service conditions and Remote Code Execution. (FSMD-2021-0018)
References
| ▼ | URL | Tags |
|---|---|---|
| https://cert-portal.siemens.com/productcert/pdf/ssa-114589.pdf | x_refsource_MISC | |
| https://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | APOGEE MBC (PPC) (BACnet) |
Version: All versions |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T23:10:30.804Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-114589.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "APOGEE MBC (PPC) (BACnet)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"product": "APOGEE MBC (PPC) (P2 Ethernet)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"product": "APOGEE MEC (PPC) (BACnet)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"product": "APOGEE MEC (PPC) (P2 Ethernet)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"product": "APOGEE PXC Compact (BACnet)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.5.4"
}
]
},
{
"product": "APOGEE PXC Compact (P2 Ethernet)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.8.19"
}
]
},
{
"product": "APOGEE PXC Modular (BACnet)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.5.4"
}
]
},
{
"product": "APOGEE PXC Modular (P2 Ethernet)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.8.19"
}
]
},
{
"product": "Desigo PXC00-E.D",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e= V2.3 and \u003c V6.30.016"
}
]
},
{
"product": "Desigo PXC00-U",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e= V2.3 and \u003c V6.30.016"
}
]
},
{
"product": "Desigo PXC001-E.D",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e= V2.3 and \u003c V6.30.016"
}
]
},
{
"product": "Desigo PXC100-E.D",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e= V2.3 and \u003c V6.30.016"
}
]
},
{
"product": "Desigo PXC12-E.D",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e= V2.3 and \u003c V6.30.016"
}
]
},
{
"product": "Desigo PXC128-U",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e= V2.3 and \u003c V6.30.016"
}
]
},
{
"product": "Desigo PXC200-E.D",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e= V2.3 and \u003c V6.30.016"
}
]
},
{
"product": "Desigo PXC22-E.D",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e= V2.3 and \u003c V6.30.016"
}
]
},
{
"product": "Desigo PXC22.1-E.D",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e= V2.3 and \u003c V6.30.016"
}
]
},
{
"product": "Desigo PXC36.1-E.D",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e= V2.3 and \u003c V6.30.016"
}
]
},
{
"product": "Desigo PXC50-E.D",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e= V2.3 and \u003c V6.30.016"
}
]
},
{
"product": "Desigo PXC64-U",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e= V2.3 and \u003c V6.30.016"
}
]
},
{
"product": "Desigo PXM20-E",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e= V2.3 and \u003c V6.30.016"
}
]
},
{
"product": "Nucleus NET",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"product": "Nucleus ReadyStart V3",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2017.02.4"
}
]
},
{
"product": "Nucleus Source Code",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"product": "TALON TC Compact (BACnet)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.5.4"
}
]
},
{
"product": "TALON TC Modular (BACnet)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.5.4"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC) (P2 Ethernet) (All versions), APOGEE MEC (PPC) (BACnet) (All versions), APOGEE MEC (PPC) (P2 Ethernet) (All versions), APOGEE PXC Compact (BACnet) (All versions \u003c V3.5.4), APOGEE PXC Compact (P2 Ethernet) (All versions \u003c V2.8.19), APOGEE PXC Modular (BACnet) (All versions \u003c V3.5.4), APOGEE PXC Modular (P2 Ethernet) (All versions \u003c V2.8.19), Desigo PXC00-E.D (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC00-U (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC001-E.D (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC100-E.D (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC12-E.D (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC128-U (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC200-E.D (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC22-E.D (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC22.1-E.D (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC36.1-E.D (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC50-E.D (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC64-U (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXM20-E (All versions \u003e= V2.3 and \u003c V6.30.016), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions \u003c V2017.02.4), Nucleus Source Code (All versions), TALON TC Compact (BACnet) (All versions \u003c V3.5.4), TALON TC Modular (BACnet) (All versions \u003c V3.5.4). FTP server does not properly validate the length of the \u201cMKD/XMKD\u201d command, leading to stack-based buffer overflows. This may result in Denial-of-Service conditions and Remote Code Execution. (FSMD-2021-0018)"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-170",
"description": "CWE-170: Improper Null Termination",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-10T09:46:37",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-114589.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2021-31888",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "APOGEE MBC (PPC) (BACnet)",
"version": {
"version_data": [
{
"version_value": "All versions"
}
]
}
},
{
"product_name": "APOGEE MBC (PPC) (P2 Ethernet)",
"version": {
"version_data": [
{
"version_value": "All versions"
}
]
}
},
{
"product_name": "APOGEE MEC (PPC) (BACnet)",
"version": {
"version_data": [
{
"version_value": "All versions"
}
]
}
},
{
"product_name": "APOGEE MEC (PPC) (P2 Ethernet)",
"version": {
"version_data": [
{
"version_value": "All versions"
}
]
}
},
{
"product_name": "APOGEE PXC Compact (BACnet)",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V3.5.4"
}
]
}
},
{
"product_name": "APOGEE PXC Compact (P2 Ethernet)",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V2.8.19"
}
]
}
},
{
"product_name": "APOGEE PXC Modular (BACnet)",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V3.5.4"
}
]
}
},
{
"product_name": "APOGEE PXC Modular (P2 Ethernet)",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V2.8.19"
}
]
}
},
{
"product_name": "Desigo PXC00-E.D",
"version": {
"version_data": [
{
"version_value": "All versions \u003e= V2.3 and \u003c V6.30.016"
}
]
}
},
{
"product_name": "Desigo PXC00-U",
"version": {
"version_data": [
{
"version_value": "All versions \u003e= V2.3 and \u003c V6.30.016"
}
]
}
},
{
"product_name": "Desigo PXC001-E.D",
"version": {
"version_data": [
{
"version_value": "All versions \u003e= V2.3 and \u003c V6.30.016"
}
]
}
},
{
"product_name": "Desigo PXC100-E.D",
"version": {
"version_data": [
{
"version_value": "All versions \u003e= V2.3 and \u003c V6.30.016"
}
]
}
},
{
"product_name": "Desigo PXC12-E.D",
"version": {
"version_data": [
{
"version_value": "All versions \u003e= V2.3 and \u003c V6.30.016"
}
]
}
},
{
"product_name": "Desigo PXC128-U",
"version": {
"version_data": [
{
"version_value": "All versions \u003e= V2.3 and \u003c V6.30.016"
}
]
}
},
{
"product_name": "Desigo PXC200-E.D",
"version": {
"version_data": [
{
"version_value": "All versions \u003e= V2.3 and \u003c V6.30.016"
}
]
}
},
{
"product_name": "Desigo PXC22-E.D",
"version": {
"version_data": [
{
"version_value": "All versions \u003e= V2.3 and \u003c V6.30.016"
}
]
}
},
{
"product_name": "Desigo PXC22.1-E.D",
"version": {
"version_data": [
{
"version_value": "All versions \u003e= V2.3 and \u003c V6.30.016"
}
]
}
},
{
"product_name": "Desigo PXC36.1-E.D",
"version": {
"version_data": [
{
"version_value": "All versions \u003e= V2.3 and \u003c V6.30.016"
}
]
}
},
{
"product_name": "Desigo PXC50-E.D",
"version": {
"version_data": [
{
"version_value": "All versions \u003e= V2.3 and \u003c V6.30.016"
}
]
}
},
{
"product_name": "Desigo PXC64-U",
"version": {
"version_data": [
{
"version_value": "All versions \u003e= V2.3 and \u003c V6.30.016"
}
]
}
},
{
"product_name": "Desigo PXM20-E",
"version": {
"version_data": [
{
"version_value": "All versions \u003e= V2.3 and \u003c V6.30.016"
}
]
}
},
{
"product_name": "Nucleus NET",
"version": {
"version_data": [
{
"version_value": "All versions"
}
]
}
},
{
"product_name": "Nucleus ReadyStart V3",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V2017.02.4"
}
]
}
},
{
"product_name": "Nucleus Source Code",
"version": {
"version_data": [
{
"version_value": "All versions"
}
]
}
},
{
"product_name": "TALON TC Compact (BACnet)",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V3.5.4"
}
]
}
},
{
"product_name": "TALON TC Modular (BACnet)",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V3.5.4"
}
]
}
}
]
},
"vendor_name": "Siemens"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC) (P2 Ethernet) (All versions), APOGEE MEC (PPC) (BACnet) (All versions), APOGEE MEC (PPC) (P2 Ethernet) (All versions), APOGEE PXC Compact (BACnet) (All versions \u003c V3.5.4), APOGEE PXC Compact (P2 Ethernet) (All versions \u003c V2.8.19), APOGEE PXC Modular (BACnet) (All versions \u003c V3.5.4), APOGEE PXC Modular (P2 Ethernet) (All versions \u003c V2.8.19), Desigo PXC00-E.D (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC00-U (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC001-E.D (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC100-E.D (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC12-E.D (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC128-U (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC200-E.D (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC22-E.D (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC22.1-E.D (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC36.1-E.D (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC50-E.D (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC64-U (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXM20-E (All versions \u003e= V2.3 and \u003c V6.30.016), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions \u003c V2017.02.4), Nucleus Source Code (All versions), TALON TC Compact (BACnet) (All versions \u003c V3.5.4), TALON TC Modular (BACnet) (All versions \u003c V3.5.4). FTP server does not properly validate the length of the \u201cMKD/XMKD\u201d command, leading to stack-based buffer overflows. This may result in Denial-of-Service conditions and Remote Code Execution. (FSMD-2021-0018)"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-170: Improper Null Termination"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-114589.pdf",
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-114589.pdf"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf",
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2021-31888",
"datePublished": "2021-11-09T11:32:00",
"dateReserved": "2021-04-29T00:00:00",
"dateUpdated": "2024-08-03T23:10:30.804Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-31885
Vulnerability from cvelistv5
Published
2021-11-09 11:31
Modified
2024-08-03 23:10
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC) (P2 Ethernet) (All versions), APOGEE MEC (PPC) (BACnet) (All versions), APOGEE MEC (PPC) (P2 Ethernet) (All versions), APOGEE PXC Compact (BACnet) (All versions < V3.5.4), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.19), APOGEE PXC Modular (BACnet) (All versions < V3.5.4), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.19), Desigo PXC00-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC00-U (All versions >= V2.3 and < V6.30.016), Desigo PXC001-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC100-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC12-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC128-U (All versions >= V2.3 and < V6.30.016), Desigo PXC200-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC22-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC22.1-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC36.1-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC50-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC64-U (All versions >= V2.3 and < V6.30.016), Desigo PXM20-E (All versions >= V2.3 and < V6.30.016), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.4), Nucleus ReadyStart V4 (All versions < V4.1.1), Nucleus Source Code (All versions), PLUSCONTROL 1st Gen (All versions), TALON TC Compact (BACnet) (All versions < V3.5.4), TALON TC Modular (BACnet) (All versions < V3.5.4). TFTP server application allows for reading the contents of the TFTP memory buffer via sending malformed TFTP commands. (FSMD-2021-0009)
References
| ▼ | URL | Tags |
|---|---|---|
| https://cert-portal.siemens.com/productcert/pdf/ssa-114589.pdf | x_refsource_MISC | |
| https://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf | x_refsource_MISC | |
| https://cert-portal.siemens.com/productcert/pdf/ssa-845392.pdf | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | APOGEE MBC (PPC) (BACnet) |
Version: All versions |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T23:10:30.607Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-114589.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-845392.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "APOGEE MBC (PPC) (BACnet)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"product": "APOGEE MBC (PPC) (P2 Ethernet)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"product": "APOGEE MEC (PPC) (BACnet)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"product": "APOGEE MEC (PPC) (P2 Ethernet)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"product": "APOGEE PXC Compact (BACnet)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.5.4"
}
]
},
{
"product": "APOGEE PXC Compact (P2 Ethernet)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.8.19"
}
]
},
{
"product": "APOGEE PXC Modular (BACnet)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.5.4"
}
]
},
{
"product": "APOGEE PXC Modular (P2 Ethernet)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.8.19"
}
]
},
{
"product": "Desigo PXC00-E.D",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e= V2.3 and \u003c V6.30.016"
}
]
},
{
"product": "Desigo PXC00-U",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e= V2.3 and \u003c V6.30.016"
}
]
},
{
"product": "Desigo PXC001-E.D",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e= V2.3 and \u003c V6.30.016"
}
]
},
{
"product": "Desigo PXC100-E.D",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e= V2.3 and \u003c V6.30.016"
}
]
},
{
"product": "Desigo PXC12-E.D",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e= V2.3 and \u003c V6.30.016"
}
]
},
{
"product": "Desigo PXC128-U",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e= V2.3 and \u003c V6.30.016"
}
]
},
{
"product": "Desigo PXC200-E.D",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e= V2.3 and \u003c V6.30.016"
}
]
},
{
"product": "Desigo PXC22-E.D",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e= V2.3 and \u003c V6.30.016"
}
]
},
{
"product": "Desigo PXC22.1-E.D",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e= V2.3 and \u003c V6.30.016"
}
]
},
{
"product": "Desigo PXC36.1-E.D",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e= V2.3 and \u003c V6.30.016"
}
]
},
{
"product": "Desigo PXC50-E.D",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e= V2.3 and \u003c V6.30.016"
}
]
},
{
"product": "Desigo PXC64-U",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e= V2.3 and \u003c V6.30.016"
}
]
},
{
"product": "Desigo PXM20-E",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e= V2.3 and \u003c V6.30.016"
}
]
},
{
"product": "Nucleus NET",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"product": "Nucleus ReadyStart V3",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2017.02.4"
}
]
},
{
"product": "Nucleus ReadyStart V4",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V4.1.1"
}
]
},
{
"product": "Nucleus Source Code",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"product": "PLUSCONTROL 1st Gen",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"product": "TALON TC Compact (BACnet)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.5.4"
}
]
},
{
"product": "TALON TC Modular (BACnet)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.5.4"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC) (P2 Ethernet) (All versions), APOGEE MEC (PPC) (BACnet) (All versions), APOGEE MEC (PPC) (P2 Ethernet) (All versions), APOGEE PXC Compact (BACnet) (All versions \u003c V3.5.4), APOGEE PXC Compact (P2 Ethernet) (All versions \u003c V2.8.19), APOGEE PXC Modular (BACnet) (All versions \u003c V3.5.4), APOGEE PXC Modular (P2 Ethernet) (All versions \u003c V2.8.19), Desigo PXC00-E.D (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC00-U (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC001-E.D (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC100-E.D (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC12-E.D (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC128-U (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC200-E.D (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC22-E.D (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC22.1-E.D (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC36.1-E.D (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC50-E.D (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC64-U (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXM20-E (All versions \u003e= V2.3 and \u003c V6.30.016), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions \u003c V2017.02.4), Nucleus ReadyStart V4 (All versions \u003c V4.1.1), Nucleus Source Code (All versions), PLUSCONTROL 1st Gen (All versions), TALON TC Compact (BACnet) (All versions \u003c V3.5.4), TALON TC Modular (BACnet) (All versions \u003c V3.5.4). TFTP server application allows for reading the contents of the TFTP memory buffer via sending malformed TFTP commands. (FSMD-2021-0009)"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-805",
"description": "CWE-805: Buffer Access with Incorrect Length Value",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-10T09:46:34",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-114589.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-845392.pdf"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2021-31885",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "APOGEE MBC (PPC) (BACnet)",
"version": {
"version_data": [
{
"version_value": "All versions"
}
]
}
},
{
"product_name": "APOGEE MBC (PPC) (P2 Ethernet)",
"version": {
"version_data": [
{
"version_value": "All versions"
}
]
}
},
{
"product_name": "APOGEE MEC (PPC) (BACnet)",
"version": {
"version_data": [
{
"version_value": "All versions"
}
]
}
},
{
"product_name": "APOGEE MEC (PPC) (P2 Ethernet)",
"version": {
"version_data": [
{
"version_value": "All versions"
}
]
}
},
{
"product_name": "APOGEE PXC Compact (BACnet)",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V3.5.4"
}
]
}
},
{
"product_name": "APOGEE PXC Compact (P2 Ethernet)",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V2.8.19"
}
]
}
},
{
"product_name": "APOGEE PXC Modular (BACnet)",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V3.5.4"
}
]
}
},
{
"product_name": "APOGEE PXC Modular (P2 Ethernet)",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V2.8.19"
}
]
}
},
{
"product_name": "Desigo PXC00-E.D",
"version": {
"version_data": [
{
"version_value": "All versions \u003e= V2.3 and \u003c V6.30.016"
}
]
}
},
{
"product_name": "Desigo PXC00-U",
"version": {
"version_data": [
{
"version_value": "All versions \u003e= V2.3 and \u003c V6.30.016"
}
]
}
},
{
"product_name": "Desigo PXC001-E.D",
"version": {
"version_data": [
{
"version_value": "All versions \u003e= V2.3 and \u003c V6.30.016"
}
]
}
},
{
"product_name": "Desigo PXC100-E.D",
"version": {
"version_data": [
{
"version_value": "All versions \u003e= V2.3 and \u003c V6.30.016"
}
]
}
},
{
"product_name": "Desigo PXC12-E.D",
"version": {
"version_data": [
{
"version_value": "All versions \u003e= V2.3 and \u003c V6.30.016"
}
]
}
},
{
"product_name": "Desigo PXC128-U",
"version": {
"version_data": [
{
"version_value": "All versions \u003e= V2.3 and \u003c V6.30.016"
}
]
}
},
{
"product_name": "Desigo PXC200-E.D",
"version": {
"version_data": [
{
"version_value": "All versions \u003e= V2.3 and \u003c V6.30.016"
}
]
}
},
{
"product_name": "Desigo PXC22-E.D",
"version": {
"version_data": [
{
"version_value": "All versions \u003e= V2.3 and \u003c V6.30.016"
}
]
}
},
{
"product_name": "Desigo PXC22.1-E.D",
"version": {
"version_data": [
{
"version_value": "All versions \u003e= V2.3 and \u003c V6.30.016"
}
]
}
},
{
"product_name": "Desigo PXC36.1-E.D",
"version": {
"version_data": [
{
"version_value": "All versions \u003e= V2.3 and \u003c V6.30.016"
}
]
}
},
{
"product_name": "Desigo PXC50-E.D",
"version": {
"version_data": [
{
"version_value": "All versions \u003e= V2.3 and \u003c V6.30.016"
}
]
}
},
{
"product_name": "Desigo PXC64-U",
"version": {
"version_data": [
{
"version_value": "All versions \u003e= V2.3 and \u003c V6.30.016"
}
]
}
},
{
"product_name": "Desigo PXM20-E",
"version": {
"version_data": [
{
"version_value": "All versions \u003e= V2.3 and \u003c V6.30.016"
}
]
}
},
{
"product_name": "Nucleus NET",
"version": {
"version_data": [
{
"version_value": "All versions"
}
]
}
},
{
"product_name": "Nucleus ReadyStart V3",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V2017.02.4"
}
]
}
},
{
"product_name": "Nucleus ReadyStart V4",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V4.1.1"
}
]
}
},
{
"product_name": "Nucleus Source Code",
"version": {
"version_data": [
{
"version_value": "All versions"
}
]
}
},
{
"product_name": "PLUSCONTROL 1st Gen",
"version": {
"version_data": [
{
"version_value": "All versions"
}
]
}
},
{
"product_name": "TALON TC Compact (BACnet)",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V3.5.4"
}
]
}
},
{
"product_name": "TALON TC Modular (BACnet)",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V3.5.4"
}
]
}
}
]
},
"vendor_name": "Siemens"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC) (P2 Ethernet) (All versions), APOGEE MEC (PPC) (BACnet) (All versions), APOGEE MEC (PPC) (P2 Ethernet) (All versions), APOGEE PXC Compact (BACnet) (All versions \u003c V3.5.4), APOGEE PXC Compact (P2 Ethernet) (All versions \u003c V2.8.19), APOGEE PXC Modular (BACnet) (All versions \u003c V3.5.4), APOGEE PXC Modular (P2 Ethernet) (All versions \u003c V2.8.19), Desigo PXC00-E.D (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC00-U (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC001-E.D (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC100-E.D (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC12-E.D (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC128-U (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC200-E.D (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC22-E.D (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC22.1-E.D (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC36.1-E.D (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC50-E.D (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC64-U (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXM20-E (All versions \u003e= V2.3 and \u003c V6.30.016), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions \u003c V2017.02.4), Nucleus ReadyStart V4 (All versions \u003c V4.1.1), Nucleus Source Code (All versions), PLUSCONTROL 1st Gen (All versions), TALON TC Compact (BACnet) (All versions \u003c V3.5.4), TALON TC Modular (BACnet) (All versions \u003c V3.5.4). TFTP server application allows for reading the contents of the TFTP memory buffer via sending malformed TFTP commands. (FSMD-2021-0009)"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-805: Buffer Access with Incorrect Length Value"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-114589.pdf",
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-114589.pdf"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf",
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-845392.pdf",
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-845392.pdf"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2021-31885",
"datePublished": "2021-11-09T11:31:58",
"dateReserved": "2021-04-29T00:00:00",
"dateUpdated": "2024-08-03T23:10:30.607Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}