All the vulnerabilites related to Siemens - Nucleus ReadyStart V4
cve-2021-25677
Vulnerability from cvelistv5
Published
2021-04-22 20:42
Modified
2024-08-03 20:11
Summary
A vulnerability has been identified in APOGEE PXC Compact (BACnet) (All versions < V3.5.5), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.20), APOGEE PXC Modular (BACnet) (All versions < V3.5.5), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.20), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.3), Nucleus ReadyStart V3 (All versions < V2017.02.4), Nucleus ReadyStart V4 (All versions < V4.1.0), Nucleus Source Code (Versions including affected DNS modules), SIMOTICS CONNECT 400 (All versions < V0.5.0.0), SIMOTICS CONNECT 400 (All versions >= V0.5.0.0 < V1.0.0.0), TALON TC Compact (BACnet) (All versions < V3.5.5), TALON TC Modular (BACnet) (All versions < V3.5.5). The DNS client does not properly randomize DNS transaction IDs. That could allow an attacker to poison the DNS cache or spoof DNS resolving.
Impacted products
Vendor Product Version
Siemens APOGEE PXC Compact (P2 Ethernet) Version: All versions < V2.8.20
Siemens APOGEE PXC Modular (BACnet) Version: All versions < V3.5.5
Siemens APOGEE PXC Modular (P2 Ethernet) Version: All versions < V2.8.20
Siemens Nucleus NET Version: All versions
Siemens Nucleus ReadyStart V3 Version: All versions < V2017.02.3
Siemens Nucleus ReadyStart V3 Version: All versions < V2017.02.4
Siemens Nucleus ReadyStart V4 Version: All versions < V4.1.0
Siemens Nucleus Source Code Version: Versions including affected DNS modules
Siemens SIMOTICS CONNECT 400 Version: All versions < V0.5.0.0
Siemens SIMOTICS CONNECT 400 Version: All versions >= V0.5.0.0 < V1.0.0.0
Siemens TALON TC Compact (BACnet) Version: All versions < V3.5.5
Siemens TALON TC Modular (BACnet) Version: All versions < V3.5.5
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T20:11:28.339Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-705111.pdf"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-669158.pdf"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-180579.pdf"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "APOGEE PXC Compact (BACnet)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.5.5"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "APOGEE PXC Compact (P2 Ethernet)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.8.20"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "APOGEE PXC Modular (BACnet)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.5.5"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "APOGEE PXC Modular (P2 Ethernet)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.8.20"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "Nucleus NET",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "Nucleus ReadyStart V3",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2017.02.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "Nucleus ReadyStart V3",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2017.02.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "Nucleus ReadyStart V4",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "Nucleus Source Code",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "Versions including affected DNS modules"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMOTICS CONNECT 400",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V0.5.0.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMOTICS CONNECT 400",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003e= V0.5.0.0 \u003c V1.0.0.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "TALON TC Compact (BACnet)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.5.5"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "TALON TC Modular (BACnet)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.5.5"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in APOGEE PXC Compact (BACnet) (All versions \u003c V3.5.5), APOGEE PXC Compact (P2 Ethernet) (All versions \u003c V2.8.20), APOGEE PXC Modular (BACnet) (All versions \u003c V3.5.5), APOGEE PXC Modular (P2 Ethernet) (All versions \u003c V2.8.20), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions \u003c V2017.02.3), Nucleus ReadyStart V3 (All versions \u003c V2017.02.4), Nucleus ReadyStart V4 (All versions \u003c V4.1.0), Nucleus Source Code (Versions including affected DNS modules), SIMOTICS CONNECT 400 (All versions \u003c V0.5.0.0), SIMOTICS CONNECT 400 (All versions \u003e= V0.5.0.0 \u003c V1.0.0.0), TALON TC Compact (BACnet) (All versions \u003c V3.5.5), TALON TC Modular (BACnet) (All versions \u003c V3.5.5). The DNS client does not properly randomize DNS transaction IDs. That could allow an attacker to poison the DNS cache or spoof DNS resolving."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-330",
              "description": "CWE-330: Use of Insufficiently Random Values",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-08-08T09:20:07.625Z",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-705111.pdf"
        },
        {
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-669158.pdf"
        },
        {
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-180579.pdf"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2021-25677",
    "datePublished": "2021-04-22T20:42:21",
    "dateReserved": "2021-01-21T00:00:00",
    "dateUpdated": "2024-08-03T20:11:28.339Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-27737
Vulnerability from cvelistv5
Published
2021-04-22 20:42
Modified
2024-08-04 16:18
Summary
A vulnerability has been identified in APOGEE PXC Compact (BACnet) (All versions < V3.5.5), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.20), APOGEE PXC Modular (BACnet) (All versions < V3.5.5), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.20), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.3), Nucleus ReadyStart V4 (All versions < V4.1.0), Nucleus Source Code (Versions including affected DNS modules), SIMOTICS CONNECT 400 (All versions < V0.5.0.0), TALON TC Compact (BACnet) (All versions < V3.5.5), TALON TC Modular (BACnet) (All versions < V3.5.5). The DNS response parsing functionality does not properly validate various length and counts of the records. The parsing of malformed responses could result in a read past the end of an allocated structure. An attacker with a privileged position in the network could leverage this vulnerability to cause a denial-of-service condition or leak the memory past the allocated structure.
Impacted products
Vendor Product Version
Siemens APOGEE PXC Compact (P2 Ethernet) Version: All versions < V2.8.20
Siemens APOGEE PXC Modular (BACnet) Version: All versions < V3.5.5
Siemens APOGEE PXC Modular (P2 Ethernet) Version: All versions < V2.8.20
Siemens Nucleus NET Version: All versions
Siemens Nucleus ReadyStart V3 Version: All versions < V2017.02.3
Siemens Nucleus ReadyStart V4 Version: All versions < V4.1.0
Siemens Nucleus Source Code Version: Versions including affected DNS modules
Siemens SIMOTICS CONNECT 400 Version: All versions < V0.5.0.0
Siemens TALON TC Compact (BACnet) Version: All versions < V3.5.5
Siemens TALON TC Modular (BACnet) Version: All versions < V3.5.5
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T16:18:45.586Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-705111.pdf"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-669158.pdf"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-180579.pdf"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "APOGEE PXC Compact (BACnet)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.5.5"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "APOGEE PXC Compact (P2 Ethernet)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.8.20"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "APOGEE PXC Modular (BACnet)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.5.5"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "APOGEE PXC Modular (P2 Ethernet)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.8.20"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "Nucleus NET",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "Nucleus ReadyStart V3",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2017.02.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "Nucleus ReadyStart V4",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "Nucleus Source Code",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "Versions including affected DNS modules"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMOTICS CONNECT 400",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V0.5.0.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "TALON TC Compact (BACnet)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.5.5"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "TALON TC Modular (BACnet)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.5.5"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in APOGEE PXC Compact (BACnet) (All versions \u003c V3.5.5), APOGEE PXC Compact (P2 Ethernet) (All versions \u003c V2.8.20), APOGEE PXC Modular (BACnet) (All versions \u003c V3.5.5), APOGEE PXC Modular (P2 Ethernet) (All versions \u003c V2.8.20), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions \u003c V2017.02.3), Nucleus ReadyStart V4 (All versions \u003c V4.1.0), Nucleus Source Code (Versions including affected DNS modules), SIMOTICS CONNECT 400 (All versions \u003c V0.5.0.0), TALON TC Compact (BACnet) (All versions \u003c V3.5.5), TALON TC Modular (BACnet) (All versions \u003c V3.5.5). The DNS response parsing functionality does not properly validate various length and counts of the records. The parsing of malformed responses could result in a read past the end of an allocated structure. An attacker with a privileged position in the network could leverage this vulnerability to cause a denial-of-service condition  or leak the memory past the allocated structure."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-125",
              "description": "CWE-125: Out-of-bounds Read",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-08-08T09:20:04.435Z",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-705111.pdf"
        },
        {
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-669158.pdf"
        },
        {
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-180579.pdf"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2020-27737",
    "datePublished": "2021-04-22T20:42:19",
    "dateReserved": "2020-10-26T00:00:00",
    "dateUpdated": "2024-08-04T16:18:45.586Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-27738
Vulnerability from cvelistv5
Published
2021-04-22 20:42
Modified
2024-08-04 16:18
Summary
A vulnerability has been identified in APOGEE PXC Compact (BACnet) (All versions < V3.5.5), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.20), APOGEE PXC Modular (BACnet) (All versions < V3.5.5), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.20), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.3), Nucleus ReadyStart V4 (All versions < V4.1.0), Nucleus Source Code (Versions including affected DNS modules), SIMOTICS CONNECT 400 (All versions < V0.5.0.0), TALON TC Compact (BACnet) (All versions < V3.5.5), TALON TC Modular (BACnet) (All versions < V3.5.5). The DNS domain name record decompression functionality does not properly validate the pointer offset values. The parsing of malformed responses could result in a read access past the end of an allocated structure. An attacker with a privileged position in the network could leverage this vulnerability to cause a denial-of-service condition.
Impacted products
Vendor Product Version
Siemens APOGEE PXC Compact (P2 Ethernet) Version: All versions < V2.8.20
Siemens APOGEE PXC Modular (BACnet) Version: All versions < V3.5.5
Siemens APOGEE PXC Modular (P2 Ethernet) Version: All versions < V2.8.20
Siemens Nucleus NET Version: All versions
Siemens Nucleus ReadyStart V3 Version: All versions < V2017.02.3
Siemens Nucleus ReadyStart V4 Version: All versions < V4.1.0
Siemens Nucleus Source Code Version: Versions including affected DNS modules
Siemens SIMOTICS CONNECT 400 Version: All versions < V0.5.0.0
Siemens TALON TC Compact (BACnet) Version: All versions < V3.5.5
Siemens TALON TC Modular (BACnet) Version: All versions < V3.5.5
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T16:18:45.774Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-705111.pdf"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-669158.pdf"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-180579.pdf"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "APOGEE PXC Compact (BACnet)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.5.5"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "APOGEE PXC Compact (P2 Ethernet)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.8.20"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "APOGEE PXC Modular (BACnet)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.5.5"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "APOGEE PXC Modular (P2 Ethernet)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.8.20"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "Nucleus NET",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "Nucleus ReadyStart V3",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2017.02.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "Nucleus ReadyStart V4",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "Nucleus Source Code",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "Versions including affected DNS modules"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMOTICS CONNECT 400",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V0.5.0.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "TALON TC Compact (BACnet)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.5.5"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "TALON TC Modular (BACnet)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.5.5"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in APOGEE PXC Compact (BACnet) (All versions \u003c V3.5.5), APOGEE PXC Compact (P2 Ethernet) (All versions \u003c V2.8.20), APOGEE PXC Modular (BACnet) (All versions \u003c V3.5.5), APOGEE PXC Modular (P2 Ethernet) (All versions \u003c V2.8.20), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions \u003c V2017.02.3), Nucleus ReadyStart V4 (All versions \u003c V4.1.0), Nucleus Source Code (Versions including affected DNS modules), SIMOTICS CONNECT 400 (All versions \u003c V0.5.0.0), TALON TC Compact (BACnet) (All versions \u003c V3.5.5), TALON TC Modular (BACnet) (All versions \u003c V3.5.5). The DNS domain name record decompression functionality does not properly validate the pointer offset values. The parsing of malformed responses could result in a read access past the end of an allocated structure. An attacker with a privileged position in the network could leverage this vulnerability to cause a denial-of-service condition."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-788",
              "description": "CWE-788: Access of Memory Location After End of Buffer",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-08-08T09:20:05.489Z",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-705111.pdf"
        },
        {
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-669158.pdf"
        },
        {
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-180579.pdf"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2020-27738",
    "datePublished": "2021-04-22T20:42:20",
    "dateReserved": "2020-10-26T00:00:00",
    "dateUpdated": "2024-08-04T16:18:45.774Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-27736
Vulnerability from cvelistv5
Published
2021-04-22 20:42
Modified
2024-08-04 16:18
Summary
A vulnerability has been identified in APOGEE PXC Compact (BACnet) (All versions < V3.5.5), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.20), APOGEE PXC Modular (BACnet) (All versions < V3.5.5), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.20), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.3), Nucleus ReadyStart V4 (All versions < V4.1.0), Nucleus Source Code (Versions including affected DNS modules), SIMOTICS CONNECT 400 (All versions < V0.5.0.0), TALON TC Compact (BACnet) (All versions < V3.5.5), TALON TC Modular (BACnet) (All versions < V3.5.5). The DNS domain name label parsing functionality does not properly validate the null-terminated name in DNS-responses. The parsing of malformed responses could result in a read past the end of an allocated structure. An attacker with a privileged position in the network could leverage this vulnerability to cause a denial-of-service condition or leak the read memory.
Impacted products
Vendor Product Version
Siemens APOGEE PXC Compact (P2 Ethernet) Version: All versions < V2.8.20
Siemens APOGEE PXC Modular (BACnet) Version: All versions < V3.5.5
Siemens APOGEE PXC Modular (P2 Ethernet) Version: All versions < V2.8.20
Siemens Nucleus NET Version: All versions
Siemens Nucleus ReadyStart V3 Version: All versions < V2017.02.3
Siemens Nucleus ReadyStart V4 Version: All versions < V4.1.0
Siemens Nucleus Source Code Version: Versions including affected DNS modules
Siemens SIMOTICS CONNECT 400 Version: All versions < V0.5.0.0
Siemens TALON TC Compact (BACnet) Version: All versions < V3.5.5
Siemens TALON TC Modular (BACnet) Version: All versions < V3.5.5
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T16:18:45.573Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-705111.pdf"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-669158.pdf"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-180579.pdf"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "APOGEE PXC Compact (BACnet)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.5.5"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "APOGEE PXC Compact (P2 Ethernet)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.8.20"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "APOGEE PXC Modular (BACnet)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.5.5"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "APOGEE PXC Modular (P2 Ethernet)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.8.20"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "Nucleus NET",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "Nucleus ReadyStart V3",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2017.02.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "Nucleus ReadyStart V4",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "Nucleus Source Code",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "Versions including affected DNS modules"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMOTICS CONNECT 400",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V0.5.0.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "TALON TC Compact (BACnet)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.5.5"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "TALON TC Modular (BACnet)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.5.5"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in APOGEE PXC Compact (BACnet) (All versions \u003c V3.5.5), APOGEE PXC Compact (P2 Ethernet) (All versions \u003c V2.8.20), APOGEE PXC Modular (BACnet) (All versions \u003c V3.5.5), APOGEE PXC Modular (P2 Ethernet) (All versions \u003c V2.8.20), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions \u003c V2017.02.3), Nucleus ReadyStart V4 (All versions \u003c V4.1.0), Nucleus Source Code (Versions including affected DNS modules), SIMOTICS CONNECT 400 (All versions \u003c V0.5.0.0), TALON TC Compact (BACnet) (All versions \u003c V3.5.5), TALON TC Modular (BACnet) (All versions \u003c V3.5.5). The DNS domain name label parsing functionality does not properly validate the null-terminated name in DNS-responses. The parsing of malformed responses could result in a read past the end of an allocated structure. An attacker with a privileged position in the network could leverage this vulnerability to cause a denial-of-service condition or leak the read memory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-170",
              "description": "CWE-170: Improper Null Termination",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-08-08T09:20:03.377Z",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-705111.pdf"
        },
        {
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-669158.pdf"
        },
        {
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-180579.pdf"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2020-27736",
    "datePublished": "2021-04-22T20:42:19",
    "dateReserved": "2020-10-26T00:00:00",
    "dateUpdated": "2024-08-04T16:18:45.573Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-31885
Vulnerability from cvelistv5
Published
2021-11-09 11:31
Modified
2024-08-03 23:10
Severity ?
Summary
A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC) (P2 Ethernet) (All versions), APOGEE MEC (PPC) (BACnet) (All versions), APOGEE MEC (PPC) (P2 Ethernet) (All versions), APOGEE PXC Compact (BACnet) (All versions < V3.5.4), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.19), APOGEE PXC Modular (BACnet) (All versions < V3.5.4), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.19), Desigo PXC00-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC00-U (All versions >= V2.3 and < V6.30.016), Desigo PXC001-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC100-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC12-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC128-U (All versions >= V2.3 and < V6.30.016), Desigo PXC200-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC22-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC22.1-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC36.1-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC50-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC64-U (All versions >= V2.3 and < V6.30.016), Desigo PXM20-E (All versions >= V2.3 and < V6.30.016), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.4), Nucleus ReadyStart V4 (All versions < V4.1.1), Nucleus Source Code (All versions), PLUSCONTROL 1st Gen (All versions), TALON TC Compact (BACnet) (All versions < V3.5.4), TALON TC Modular (BACnet) (All versions < V3.5.4). TFTP server application allows for reading the contents of the TFTP memory buffer via sending malformed TFTP commands. (FSMD-2021-0009)
Impacted products
Vendor Product Version
Siemens APOGEE MBC (PPC) (P2 Ethernet) Version: All versions
Siemens APOGEE MEC (PPC) (BACnet) Version: All versions
Siemens APOGEE MEC (PPC) (P2 Ethernet) Version: All versions
Siemens APOGEE PXC Compact (BACnet) Version: All versions < V3.5.4
Siemens APOGEE PXC Compact (P2 Ethernet) Version: All versions < V2.8.19
Siemens APOGEE PXC Modular (BACnet) Version: All versions < V3.5.4
Siemens APOGEE PXC Modular (P2 Ethernet) Version: All versions < V2.8.19
Siemens Desigo PXC00-E.D Version: All versions >= V2.3 and < V6.30.016
Siemens Desigo PXC00-U Version: All versions >= V2.3 and < V6.30.016
Siemens Desigo PXC001-E.D Version: All versions >= V2.3 and < V6.30.016
Siemens Desigo PXC100-E.D Version: All versions >= V2.3 and < V6.30.016
Siemens Desigo PXC12-E.D Version: All versions >= V2.3 and < V6.30.016
Siemens Desigo PXC128-U Version: All versions >= V2.3 and < V6.30.016
Siemens Desigo PXC200-E.D Version: All versions >= V2.3 and < V6.30.016
Siemens Desigo PXC22-E.D Version: All versions >= V2.3 and < V6.30.016
Siemens Desigo PXC22.1-E.D Version: All versions >= V2.3 and < V6.30.016
Siemens Desigo PXC36.1-E.D Version: All versions >= V2.3 and < V6.30.016
Siemens Desigo PXC50-E.D Version: All versions >= V2.3 and < V6.30.016
Siemens Desigo PXC64-U Version: All versions >= V2.3 and < V6.30.016
Siemens Desigo PXM20-E Version: All versions >= V2.3 and < V6.30.016
Siemens Nucleus NET Version: All versions
Siemens Nucleus ReadyStart V3 Version: All versions < V2017.02.4
Siemens Nucleus ReadyStart V4 Version: All versions < V4.1.1
Siemens Nucleus Source Code Version: All versions
Siemens PLUSCONTROL 1st Gen Version: All versions
Siemens TALON TC Compact (BACnet) Version: All versions < V3.5.4
Siemens TALON TC Modular (BACnet) Version: All versions < V3.5.4
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T23:10:30.607Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-114589.pdf"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-845392.pdf"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "APOGEE MBC (PPC) (BACnet)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "APOGEE MBC (PPC) (P2 Ethernet)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "APOGEE MEC (PPC) (BACnet)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "APOGEE MEC (PPC) (P2 Ethernet)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "APOGEE PXC Compact (BACnet)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.5.4"
            }
          ]
        },
        {
          "product": "APOGEE PXC Compact (P2 Ethernet)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.8.19"
            }
          ]
        },
        {
          "product": "APOGEE PXC Modular (BACnet)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.5.4"
            }
          ]
        },
        {
          "product": "APOGEE PXC Modular (P2 Ethernet)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.8.19"
            }
          ]
        },
        {
          "product": "Desigo PXC00-E.D",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003e= V2.3 and \u003c V6.30.016"
            }
          ]
        },
        {
          "product": "Desigo PXC00-U",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003e= V2.3 and \u003c V6.30.016"
            }
          ]
        },
        {
          "product": "Desigo PXC001-E.D",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003e= V2.3 and \u003c V6.30.016"
            }
          ]
        },
        {
          "product": "Desigo PXC100-E.D",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003e= V2.3 and \u003c V6.30.016"
            }
          ]
        },
        {
          "product": "Desigo PXC12-E.D",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003e= V2.3 and \u003c V6.30.016"
            }
          ]
        },
        {
          "product": "Desigo PXC128-U",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003e= V2.3 and \u003c V6.30.016"
            }
          ]
        },
        {
          "product": "Desigo PXC200-E.D",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003e= V2.3 and \u003c V6.30.016"
            }
          ]
        },
        {
          "product": "Desigo PXC22-E.D",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003e= V2.3 and \u003c V6.30.016"
            }
          ]
        },
        {
          "product": "Desigo PXC22.1-E.D",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003e= V2.3 and \u003c V6.30.016"
            }
          ]
        },
        {
          "product": "Desigo PXC36.1-E.D",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003e= V2.3 and \u003c V6.30.016"
            }
          ]
        },
        {
          "product": "Desigo PXC50-E.D",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003e= V2.3 and \u003c V6.30.016"
            }
          ]
        },
        {
          "product": "Desigo PXC64-U",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003e= V2.3 and \u003c V6.30.016"
            }
          ]
        },
        {
          "product": "Desigo PXM20-E",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003e= V2.3 and \u003c V6.30.016"
            }
          ]
        },
        {
          "product": "Nucleus NET",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "Nucleus ReadyStart V3",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2017.02.4"
            }
          ]
        },
        {
          "product": "Nucleus ReadyStart V4",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.1"
            }
          ]
        },
        {
          "product": "Nucleus Source Code",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "PLUSCONTROL 1st Gen",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "TALON TC Compact (BACnet)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.5.4"
            }
          ]
        },
        {
          "product": "TALON TC Modular (BACnet)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.5.4"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC) (P2 Ethernet) (All versions), APOGEE MEC (PPC) (BACnet) (All versions), APOGEE MEC (PPC) (P2 Ethernet) (All versions), APOGEE PXC Compact (BACnet) (All versions \u003c V3.5.4), APOGEE PXC Compact (P2 Ethernet) (All versions \u003c V2.8.19), APOGEE PXC Modular (BACnet) (All versions \u003c V3.5.4), APOGEE PXC Modular (P2 Ethernet) (All versions \u003c V2.8.19), Desigo PXC00-E.D (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC00-U (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC001-E.D (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC100-E.D (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC12-E.D (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC128-U (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC200-E.D (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC22-E.D (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC22.1-E.D (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC36.1-E.D (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC50-E.D (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC64-U (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXM20-E (All versions \u003e= V2.3 and \u003c V6.30.016), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions \u003c V2017.02.4), Nucleus ReadyStart V4 (All versions \u003c V4.1.1), Nucleus Source Code (All versions), PLUSCONTROL 1st Gen (All versions), TALON TC Compact (BACnet) (All versions \u003c V3.5.4), TALON TC Modular (BACnet) (All versions \u003c V3.5.4). TFTP server application allows for reading the contents of the TFTP memory buffer via sending malformed TFTP commands. (FSMD-2021-0009)"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-805",
              "description": "CWE-805: Buffer Access with Incorrect Length Value",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-05-10T09:46:34",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-114589.pdf"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-845392.pdf"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "productcert@siemens.com",
          "ID": "CVE-2021-31885",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "APOGEE MBC (PPC) (BACnet)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "APOGEE MBC (PPC) (P2 Ethernet)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "APOGEE MEC (PPC) (BACnet)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "APOGEE MEC (PPC) (P2 Ethernet)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "APOGEE PXC Compact (BACnet)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V3.5.4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "APOGEE PXC Compact (P2 Ethernet)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V2.8.19"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "APOGEE PXC Modular (BACnet)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V3.5.4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "APOGEE PXC Modular (P2 Ethernet)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V2.8.19"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Desigo PXC00-E.D",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003e= V2.3 and \u003c V6.30.016"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Desigo PXC00-U",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003e= V2.3 and \u003c V6.30.016"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Desigo PXC001-E.D",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003e= V2.3 and \u003c V6.30.016"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Desigo PXC100-E.D",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003e= V2.3 and \u003c V6.30.016"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Desigo PXC12-E.D",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003e= V2.3 and \u003c V6.30.016"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Desigo PXC128-U",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003e= V2.3 and \u003c V6.30.016"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Desigo PXC200-E.D",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003e= V2.3 and \u003c V6.30.016"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Desigo PXC22-E.D",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003e= V2.3 and \u003c V6.30.016"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Desigo PXC22.1-E.D",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003e= V2.3 and \u003c V6.30.016"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Desigo PXC36.1-E.D",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003e= V2.3 and \u003c V6.30.016"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Desigo PXC50-E.D",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003e= V2.3 and \u003c V6.30.016"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Desigo PXC64-U",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003e= V2.3 and \u003c V6.30.016"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Desigo PXM20-E",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003e= V2.3 and \u003c V6.30.016"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Nucleus NET",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Nucleus ReadyStart V3",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V2017.02.4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Nucleus ReadyStart V4",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V4.1.1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Nucleus Source Code",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "PLUSCONTROL 1st Gen",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "TALON TC Compact (BACnet)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V3.5.4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "TALON TC Modular (BACnet)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V3.5.4"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Siemens"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC) (P2 Ethernet) (All versions), APOGEE MEC (PPC) (BACnet) (All versions), APOGEE MEC (PPC) (P2 Ethernet) (All versions), APOGEE PXC Compact (BACnet) (All versions \u003c V3.5.4), APOGEE PXC Compact (P2 Ethernet) (All versions \u003c V2.8.19), APOGEE PXC Modular (BACnet) (All versions \u003c V3.5.4), APOGEE PXC Modular (P2 Ethernet) (All versions \u003c V2.8.19), Desigo PXC00-E.D (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC00-U (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC001-E.D (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC100-E.D (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC12-E.D (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC128-U (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC200-E.D (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC22-E.D (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC22.1-E.D (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC36.1-E.D (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC50-E.D (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC64-U (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXM20-E (All versions \u003e= V2.3 and \u003c V6.30.016), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions \u003c V2017.02.4), Nucleus ReadyStart V4 (All versions \u003c V4.1.1), Nucleus Source Code (All versions), PLUSCONTROL 1st Gen (All versions), TALON TC Compact (BACnet) (All versions \u003c V3.5.4), TALON TC Modular (BACnet) (All versions \u003c V3.5.4). TFTP server application allows for reading the contents of the TFTP memory buffer via sending malformed TFTP commands. (FSMD-2021-0009)"
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-805: Buffer Access with Incorrect Length Value"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-114589.pdf",
              "refsource": "MISC",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-114589.pdf"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf",
              "refsource": "MISC",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-845392.pdf",
              "refsource": "MISC",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-845392.pdf"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2021-31885",
    "datePublished": "2021-11-09T11:31:58",
    "dateReserved": "2021-04-29T00:00:00",
    "dateUpdated": "2024-08-03T23:10:30.607Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-25663
Vulnerability from cvelistv5
Published
2021-04-22 20:42
Modified
2024-08-03 20:11
Summary
A vulnerability has been identified in Capital Embedded AR Classic 431-422 (All versions), Capital Embedded AR Classic R20-11 (All versions < V2303), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.4), Nucleus ReadyStart V4 (All versions < V4.1.0), Nucleus Source Code (All versions including affected IPv6 stack). The function that processes IPv6 headers does not check the lengths of extension header options, allowing attackers to put this function into an infinite loop with crafted length values.
Impacted products
Vendor Product Version
Siemens Capital Embedded AR Classic R20-11 Version: 0   < V2303
Siemens Nucleus NET Version: All versions
Siemens Nucleus ReadyStart V3 Version: 0   < V2017.02.4
Siemens Nucleus ReadyStart V4 Version: 0   < V4.1.0
Siemens Nucleus Source Code Version: 0   < *
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T20:11:27.118Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-248289.pdf"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-103-05"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/html/ssa-248289.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "Capital Embedded AR Classic 431-422",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "*",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "Capital Embedded AR Classic R20-11",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V2303",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "Nucleus NET",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "Nucleus ReadyStart V3",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V2017.02.4",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "Nucleus ReadyStart V4",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.1.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "Nucleus Source Code",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "*",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in Capital Embedded AR Classic 431-422 (All versions), Capital Embedded AR Classic R20-11 (All versions \u003c V2303), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions \u003c V2017.02.4), Nucleus ReadyStart V4 (All versions \u003c V4.1.0), Nucleus Source Code (All versions including affected IPv6 stack). The function that processes IPv6 headers does not check the lengths of extension header options, allowing attackers to put this function into an infinite loop with crafted length values."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-835",
              "description": "CWE-835: Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-02-13T08:59:35.029Z",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-248289.pdf"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-103-05"
        },
        {
          "url": "https://cert-portal.siemens.com/productcert/html/ssa-248289.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2021-25663",
    "datePublished": "2021-04-22T20:42:20",
    "dateReserved": "2021-01-21T00:00:00",
    "dateUpdated": "2024-08-03T20:11:27.118Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-25664
Vulnerability from cvelistv5
Published
2021-04-22 20:42
Modified
2024-08-03 20:11
Summary
A vulnerability has been identified in Capital Embedded AR Classic 431-422 (All versions), Capital Embedded AR Classic R20-11 (All versions < V2303), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.4), Nucleus ReadyStart V4 (All versions < V4.1.0), Nucleus Source Code (All versions including affected IPv6 stack). The function that processes the Hop-by-Hop extension header in IPv6 packets and its options lacks any checks against the length field of the header, allowing attackers to put the function into an infinite loop by supplying arbitrary length values.
Impacted products
Vendor Product Version
Siemens Capital Embedded AR Classic R20-11 Version: 0   < V2303
Siemens Nucleus NET Version: All versions
Siemens Nucleus ReadyStart V3 Version: 0   < V2017.02.4
Siemens Nucleus ReadyStart V4 Version: 0   < V4.1.0
Siemens Nucleus Source Code Version: 0   < *
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T20:11:27.513Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-248289.pdf"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-103-05"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/html/ssa-248289.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "Capital Embedded AR Classic 431-422",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "*",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "Capital Embedded AR Classic R20-11",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V2303",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "Nucleus NET",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "Nucleus ReadyStart V3",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V2017.02.4",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "Nucleus ReadyStart V4",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.1.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "Nucleus Source Code",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "*",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in Capital Embedded AR Classic 431-422 (All versions), Capital Embedded AR Classic R20-11 (All versions \u003c V2303), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions \u003c V2017.02.4), Nucleus ReadyStart V4 (All versions \u003c V4.1.0), Nucleus Source Code (All versions including affected IPv6 stack). The function that processes the Hop-by-Hop extension header in IPv6 packets and its options lacks any checks against the length field of the header, allowing attackers to put the function into an infinite loop by supplying arbitrary length values."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-835",
              "description": "CWE-835: Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-02-13T08:59:36.202Z",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-248289.pdf"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-103-05"
        },
        {
          "url": "https://cert-portal.siemens.com/productcert/html/ssa-248289.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2021-25664",
    "datePublished": "2021-04-22T20:42:20",
    "dateReserved": "2021-01-21T00:00:00",
    "dateUpdated": "2024-08-03T20:11:27.513Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

var-202104-1830
Vulnerability from variot

A vulnerability has been identified in Capital Embedded AR Classic 431-422 (All versions), Capital Embedded AR Classic R20-11 (All versions < V2303), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.4), Nucleus ReadyStart V4 (All versions < V4.1.0), Nucleus Source Code (All versions including affected IPv6 stack). The function that processes the Hop-by-Hop extension header in IPv6 packets and its options lacks any checks against the length field of the header, allowing attackers to put the function into an infinite loop by supplying arbitrary length values. The Nucleus NET module contains a series of standard-compliant network and communication protocols, drivers and utilities to provide full-featured network support in any embedded device. Nucleus RTOS provides a highly scalable microkernel-based real-time operating system designed for the scalability and reliability of systems in aerospace, industrial and medical applications. VSTAR is a complete AUTOSAR 4 based ECU solution that provides tools and embedded software for timely product deployment. Nucleus ReadyStart is a platform with integrated software IP, tools and services.

Siemens Nucleus products have security vulnerabilities. An attacker can use the vulnerability to put the function into infinity by providing an arbitrary length value. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-202104-1830",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "nucleus readystart v3",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2017.02.4"
      },
      {
        "model": "nucleus source code",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "nucleus net",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "capital vstar",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "nucleus readystart v4",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.1.0"
      },
      {
        "model": "vstar",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "nucleus source code",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "nucleus net",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "nucleus readystart",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "nucleus",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "4\u003cv4.1.0"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-28696"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-25664"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Siemens reported these vulnerabilities to CISA.",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-993"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2021-25664",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "CVE-2021-25664",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 1.1,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.8,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2021-28696",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "nvd@nist.gov",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 3.9,
            "id": "CVE-2021-25664",
            "impactScore": 3.6,
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 2.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2021-25664",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "productcert@siemens.com",
            "id": "CVE-2021-25664",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2021-28696",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-202104-975",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-202104-993",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "VULMON",
            "id": "CVE-2021-25664",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-28696"
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-25664"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-975"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-993"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-25664"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-25664"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "A vulnerability has been identified in Capital Embedded AR Classic 431-422 (All versions), Capital Embedded AR Classic R20-11 (All versions \u003c V2303), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions \u003c V2017.02.4), Nucleus ReadyStart V4 (All versions \u003c V4.1.0), Nucleus Source Code (All versions including affected IPv6 stack). The function that processes the Hop-by-Hop extension header in IPv6 packets and its options lacks any checks against the length field of the header, allowing attackers to put the function into an infinite loop by supplying arbitrary length values. The Nucleus NET module contains a series of standard-compliant network and communication protocols, drivers and utilities to provide full-featured network support in any embedded device. Nucleus RTOS provides a highly scalable microkernel-based real-time operating system designed for the scalability and reliability of systems in aerospace, industrial and medical applications. VSTAR is a complete AUTOSAR 4 based ECU solution that provides tools and embedded software for timely product deployment. Nucleus ReadyStart is a platform with integrated software IP, tools and services. \n\r\n\r\nSiemens Nucleus products have security vulnerabilities. An attacker can use the vulnerability to put the function into infinity by providing an arbitrary length value. Pillow is a Python-based image processing library. \nThere is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2021-25664"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2021-28696"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-975"
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-25664"
      }
    ],
    "trust": 2.07
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2021-25664",
        "trust": 2.3
      },
      {
        "db": "SIEMENS",
        "id": "SSA-248289",
        "trust": 2.3
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-21-103-05",
        "trust": 1.7
      },
      {
        "db": "CNVD",
        "id": "CNVD-2021-28696",
        "trust": 0.6
      },
      {
        "db": "CS-HELP",
        "id": "SB2021041363",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-975",
        "trust": 0.6
      },
      {
        "db": "CS-HELP",
        "id": "SB2021041414",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2021.1245",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-993",
        "trust": 0.6
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-25664",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-28696"
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-25664"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-975"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-993"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-25664"
      }
    ]
  },
  "id": "VAR-202104-1830",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-28696"
      }
    ],
    "trust": 1.1225228600000001
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-28696"
      }
    ]
  },
  "last_update_date": "2024-11-23T21:31:54.540000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Patch for Siemens Nucleus product IPv6 stack denial of service vulnerability (CNVD-2021-28696)",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/258471"
      },
      {
        "title": "siemens Nucleus Security vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=147374"
      },
      {
        "title": "Siemens Security Advisories: Siemens Security Advisory",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=2e667a20dc904cea13ad0154c0461a55"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-28696"
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-25664"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-993"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-835",
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2021-25664"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.3,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-248289.pdf"
      },
      {
        "trust": 2.3,
        "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-103-05"
      },
      {
        "trust": 1.0,
        "url": "https://cert-portal.siemens.com/productcert/html/ssa-248289.html"
      },
      {
        "trust": 0.6,
        "url": "https://www.cybersecurity-help.cz/vdb/sb2021041363"
      },
      {
        "trust": 0.6,
        "url": "https://www.cybersecurity-help.cz/vdb/sb2021041414"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2021.1245"
      },
      {
        "trust": 0.6,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-25664"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/835.html"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      },
      {
        "trust": 0.1,
        "url": "https://cert-portal.siemens.com/productcert/txt/ssa-248289.txt"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-28696"
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-25664"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-975"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-993"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-25664"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-28696"
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-25664"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-975"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-993"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-25664"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2021-04-15T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2021-28696"
      },
      {
        "date": "2021-04-22T00:00:00",
        "db": "VULMON",
        "id": "CVE-2021-25664"
      },
      {
        "date": "2021-04-13T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202104-975"
      },
      {
        "date": "2021-04-13T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202104-993"
      },
      {
        "date": "2021-04-22T21:15:09.990000",
        "db": "NVD",
        "id": "CVE-2021-25664"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2021-04-15T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2021-28696"
      },
      {
        "date": "2021-04-30T00:00:00",
        "db": "VULMON",
        "id": "CVE-2021-25664"
      },
      {
        "date": "2021-04-14T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202104-975"
      },
      {
        "date": "2021-11-18T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202104-993"
      },
      {
        "date": "2024-11-21T05:55:14.957000",
        "db": "NVD",
        "id": "CVE-2021-25664"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-993"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Siemens Nucleus product IPv6 stack denial of service vulnerability (CNVD-2021-28696)",
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-28696"
      }
    ],
    "trust": 0.6
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "other",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-975"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-993"
      }
    ],
    "trust": 1.2
  }
}

var-202104-1829
Vulnerability from variot

A vulnerability has been identified in APOGEE PXC Compact (BACnet) (All versions < V3.5.5), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.20), APOGEE PXC Modular (BACnet) (All versions < V3.5.5), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.20), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.3), Nucleus ReadyStart V3 (All versions < V2017.02.4), Nucleus ReadyStart V4 (All versions < V4.1.0), Nucleus Source Code (Versions including affected DNS modules), SIMOTICS CONNECT 400 (All versions < V0.5.0.0), SIMOTICS CONNECT 400 (All versions >= V0.5.0.0 < V1.0.0.0), TALON TC Compact (BACnet) (All versions < V3.5.5), TALON TC Modular (BACnet) (All versions < V3.5.5). The DNS client does not properly randomize DNS transaction IDs. That could allow an attacker to poison the DNS cache or spoof DNS resolving. SIMOTICS CONNECT 400 is a connector and sensor box installed on a low-voltage motor and provides analysis data for the MindSphere application SIDRIVE IQ Fleet.

Siemens SIMOTICS CONNECT 400 has security vulnerabilities. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-202104-1829",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "nucleus readystart v3",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2017.02.4"
      },
      {
        "model": "nucleus source code",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "nucleus net",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "nucleus readystart v4",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.1.0"
      },
      {
        "model": "simotics connect 400",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "0.5.0.0"
      },
      {
        "model": "simotics connect",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "400\u003e=v0.5.0.0"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-28704"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-25677"
      }
    ]
  },
  "cve": "CVE-2021-25677",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "CVE-2021-25677",
            "impactScore": 2.9,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 1.1,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2021-28704",
            "impactScore": 2.9,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 3.9,
            "id": "CVE-2021-25677",
            "impactScore": 1.4,
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 2.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2021-25677",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "productcert@siemens.com",
            "id": "CVE-2021-25677",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2021-28704",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-202104-975",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-202104-937",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "VULMON",
            "id": "CVE-2021-25677",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-28704"
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-25677"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-975"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-937"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-25677"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-25677"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "A vulnerability has been identified in APOGEE PXC Compact (BACnet) (All versions \u003c V3.5.5), APOGEE PXC Compact (P2 Ethernet) (All versions \u003c V2.8.20), APOGEE PXC Modular (BACnet) (All versions \u003c V3.5.5), APOGEE PXC Modular (P2 Ethernet) (All versions \u003c V2.8.20), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions \u003c V2017.02.3), Nucleus ReadyStart V3 (All versions \u003c V2017.02.4), Nucleus ReadyStart V4 (All versions \u003c V4.1.0), Nucleus Source Code (Versions including affected DNS modules), SIMOTICS CONNECT 400 (All versions \u003c V0.5.0.0), SIMOTICS CONNECT 400 (All versions \u003e= V0.5.0.0 \u003c V1.0.0.0), TALON TC Compact (BACnet) (All versions \u003c V3.5.5), TALON TC Modular (BACnet) (All versions \u003c V3.5.5). The DNS client does not properly randomize DNS transaction IDs. That could allow an attacker to poison the DNS cache or spoof DNS resolving. SIMOTICS CONNECT 400 is a connector and sensor box installed on a low-voltage motor and provides analysis data for the MindSphere application SIDRIVE IQ Fleet. \n\r\n\r\nSiemens SIMOTICS CONNECT 400 has security vulnerabilities. Pillow is a Python-based image processing library. \nThere is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2021-25677"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2021-28704"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-975"
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-25677"
      }
    ],
    "trust": 2.07
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "SIEMENS",
        "id": "SSA-669158",
        "trust": 2.3
      },
      {
        "db": "NVD",
        "id": "CVE-2021-25677",
        "trust": 2.3
      },
      {
        "db": "SIEMENS",
        "id": "SSA-705111",
        "trust": 1.7
      },
      {
        "db": "SIEMENS",
        "id": "SSA-180579",
        "trust": 1.0
      },
      {
        "db": "CNVD",
        "id": "CNVD-2021-28704",
        "trust": 0.6
      },
      {
        "db": "CS-HELP",
        "id": "SB2021041363",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-975",
        "trust": 0.6
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-21-103-13",
        "trust": 0.6
      },
      {
        "db": "CS-HELP",
        "id": "SB2021041406",
        "trust": 0.6
      },
      {
        "db": "CS-HELP",
        "id": "SB2021041516",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-937",
        "trust": 0.6
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-25677",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-28704"
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-25677"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-975"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-937"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-25677"
      }
    ]
  },
  "id": "VAR-202104-1829",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-28704"
      }
    ],
    "trust": 1.1595598933333333
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "Network device"
        ],
        "sub_category": null,
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-28704"
      }
    ]
  },
  "last_update_date": "2024-11-23T20:10:09.634000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Patch for Siemens SIMOTICS CONNECT 400 has unspecified vulnerabilities",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/258581"
      },
      {
        "title": "Siemens Security Advisories: Siemens Security Advisory",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=53e7f522de1910b1af8f6f92fe53b3b1"
      },
      {
        "title": "Siemens Security Advisories: Siemens Security Advisory",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=8f932b97a970d1020015c1a82a730e96"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-28704"
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-25677"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-330",
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2021-25677"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.3,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-669158.pdf"
      },
      {
        "trust": 1.7,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-705111.pdf"
      },
      {
        "trust": 1.0,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-180579.pdf"
      },
      {
        "trust": 0.6,
        "url": "https://www.cybersecurity-help.cz/vdb/sb2021041363"
      },
      {
        "trust": 0.6,
        "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-103-13"
      },
      {
        "trust": 0.6,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-25677"
      },
      {
        "trust": 0.6,
        "url": "https://www.cybersecurity-help.cz/vdb/sb2021041406"
      },
      {
        "trust": 0.6,
        "url": "https://www.cybersecurity-help.cz/vdb/sb2021041516"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/330.html"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      },
      {
        "trust": 0.1,
        "url": "https://cert-portal.siemens.com/productcert/txt/ssa-669158.txt"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-28704"
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-25677"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-975"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-937"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-25677"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-28704"
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-25677"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-975"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-937"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-25677"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2021-04-15T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2021-28704"
      },
      {
        "date": "2021-04-22T00:00:00",
        "db": "VULMON",
        "id": "CVE-2021-25677"
      },
      {
        "date": "2021-04-13T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202104-975"
      },
      {
        "date": "2021-04-13T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202104-937"
      },
      {
        "date": "2021-04-22T21:15:10.207000",
        "db": "NVD",
        "id": "CVE-2021-25677"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2021-04-15T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2021-28704"
      },
      {
        "date": "2021-04-30T00:00:00",
        "db": "VULMON",
        "id": "CVE-2021-25677"
      },
      {
        "date": "2021-04-14T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202104-975"
      },
      {
        "date": "2022-03-09T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202104-937"
      },
      {
        "date": "2024-11-21T05:55:16.807000",
        "db": "NVD",
        "id": "CVE-2021-25677"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-937"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Siemens SIMOTICS CONNECT 400 has unspecified vulnerabilities",
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-28704"
      }
    ],
    "trust": 0.6
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "other",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-975"
      }
    ],
    "trust": 0.6
  }
}

var-202111-1613
Vulnerability from variot

A vulnerability has been identified in Capital Embedded AR Classic 431-422 (All versions), Capital Embedded AR Classic R20-11 (All versions < V2303), PLUSCONTROL 1st Gen (All versions), SIMOTICS CONNECT 400 (All versions < V0.5.0.0), SIMOTICS CONNECT 400 (All versions < V1.0.0.0). ICMP echo packets with fake IP options allow sending ICMP echo reply messages to arbitrary hosts on the network. (FSMD-2021-0004)

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-202111-1613",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "nucleus readystart v4",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.1.1"
      },
      {
        "model": "apogee modular building controller",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "talon tc compact",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "apogee pxc compact",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "nucleus net",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "nucleus source code",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "apogee pxc modular",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "talon tc modular",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "capital vstar",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "nucleus readystart v3",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2017.02.1"
      },
      {
        "model": "apogee modular equiment controller",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2021-31344"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Siemens reported these vulnerabilities to CISA.",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202111-855"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2021-31344",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "CVE-2021-31344",
            "impactScore": 2.9,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 1.0,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 3.9,
            "id": "CVE-2021-31344",
            "impactScore": 1.4,
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 2.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2021-31344",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "productcert@siemens.com",
            "id": "CVE-2021-31344",
            "trust": 1.0,
            "value": "Medium"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-202111-855",
            "trust": 0.6,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202111-855"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-31344"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-31344"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "A vulnerability has been identified in Capital Embedded AR Classic 431-422 (All versions), Capital Embedded AR Classic R20-11 (All versions \u003c V2303), PLUSCONTROL 1st Gen (All versions), SIMOTICS CONNECT 400 (All versions \u003c V0.5.0.0), SIMOTICS CONNECT 400 (All versions \u003c V1.0.0.0). ICMP echo packets with fake IP options allow sending ICMP echo reply messages to arbitrary hosts on the network. (FSMD-2021-0004)",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2021-31344"
      }
    ],
    "trust": 1.0
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2021-31344",
        "trust": 1.6
      },
      {
        "db": "SIEMENS",
        "id": "SSA-620288",
        "trust": 1.6
      },
      {
        "db": "SIEMENS",
        "id": "SSA-044112",
        "trust": 1.6
      },
      {
        "db": "SIEMENS",
        "id": "SSA-845392",
        "trust": 1.6
      },
      {
        "db": "SIEMENS",
        "id": "SSA-223353",
        "trust": 1.6
      },
      {
        "db": "SIEMENS",
        "id": "SSA-114589",
        "trust": 1.6
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-21-350-06",
        "trust": 0.6
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-21-313-03",
        "trust": 0.6
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-21-315-07",
        "trust": 0.6
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-22-013-03",
        "trust": 0.6
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-22-069-02",
        "trust": 0.6
      },
      {
        "db": "CS-HELP",
        "id": "SB2021121648",
        "trust": 0.6
      },
      {
        "db": "CS-HELP",
        "id": "SB2022031013",
        "trust": 0.6
      },
      {
        "db": "CS-HELP",
        "id": "SB2021111003",
        "trust": 0.6
      },
      {
        "db": "CS-HELP",
        "id": "SB2022011803",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2021.3874",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2021.4289",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2021.3833",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202111-855",
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202111-855"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-31344"
      }
    ]
  },
  "id": "VAR-202111-1613",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VARIoT devices database",
        "id": null
      }
    ],
    "trust": 0.544069276
  },
  "last_update_date": "2024-10-08T22:03:22.987000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Siemens Nucleus ReadyStart Security vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=178543"
      }
    ],
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202111-855"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-843",
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2021-31344"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.6,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-845392.pdf"
      },
      {
        "trust": 1.6,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf"
      },
      {
        "trust": 1.6,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-114589.pdf"
      },
      {
        "trust": 1.6,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-223353.pdf"
      },
      {
        "trust": 1.6,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-620288.pdf"
      },
      {
        "trust": 1.0,
        "url": "https://cert-portal.siemens.com/productcert/html/ssa-044112.html"
      },
      {
        "trust": 1.0,
        "url": "https://cert-portal.siemens.com/productcert/html/ssa-114589.html"
      },
      {
        "trust": 1.0,
        "url": "https://cert-portal.siemens.com/productcert/html/ssa-223353.html"
      },
      {
        "trust": 1.0,
        "url": "https://cert-portal.siemens.com/productcert/html/ssa-620288.html"
      },
      {
        "trust": 1.0,
        "url": "https://cert-portal.siemens.com/productcert/html/ssa-845392.html"
      },
      {
        "trust": 0.6,
        "url": "https://www.cybersecurity-help.cz/vdb/sb2021111003"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2021.3833"
      },
      {
        "trust": 0.6,
        "url": "https://us-cert.cisa.gov/ics/advisories/icsa-22-069-02"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2021.3874"
      },
      {
        "trust": 0.6,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-31344"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2021.4289"
      },
      {
        "trust": 0.6,
        "url": "https://www.cybersecurity-help.cz/vdb/sb2022011803"
      },
      {
        "trust": 0.6,
        "url": "https://us-cert.cisa.gov/ics/advisories/icsa-22-013-03"
      },
      {
        "trust": 0.6,
        "url": "https://www.cybersecurity-help.cz/vdb/sb2021121648"
      },
      {
        "trust": 0.6,
        "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-315-07"
      },
      {
        "trust": 0.6,
        "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-350-06"
      },
      {
        "trust": 0.6,
        "url": "https://www.cybersecurity-help.cz/vdb/sb2022031013"
      },
      {
        "trust": 0.6,
        "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-313-03"
      }
    ],
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202111-855"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-31344"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202111-855"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-31344"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2021-11-09T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202111-855"
      },
      {
        "date": "2021-11-09T12:15:09.087000",
        "db": "NVD",
        "id": "CVE-2021-31344"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2022-05-23T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202111-855"
      },
      {
        "date": "2024-10-08T09:15:03.490000",
        "db": "NVD",
        "id": "CVE-2021-31344"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202111-855"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Siemens Nucleus ReadyStart Security hole",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202111-855"
      }
    ],
    "trust": 0.6
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "other",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202111-855"
      }
    ],
    "trust": 0.6
  }
}

var-202111-1614
Vulnerability from variot

A vulnerability has been identified in Capital Embedded AR Classic 431-422 (All versions), Capital Embedded AR Classic R20-11 (All versions < V2303), PLUSCONTROL 1st Gen (All versions), SIMOTICS CONNECT 400 (All versions < V0.5.0.0), SIMOTICS CONNECT 400 (All versions < V1.0.0.0). The total length of an TCP payload (set in the IP header) is unchecked. This may lead to various side effects, including Information Leak and Denial-of-Service conditions, depending on the network buffer organization in memory. (FSMD-2021-0017)

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-202111-1614",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "nucleus readystart v4",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.1.1"
      },
      {
        "model": "apogee modular building controller",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "nucleus readystart v3",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2017.02.4"
      },
      {
        "model": "talon tc compact",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "apogee pxc compact",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "nucleus net",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "nucleus source code",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "apogee pxc modular",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "talon tc modular",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "capital vstar",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "apogee modular equiment controller",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2021-31890"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Siemens reported these vulnerabilities to CISA.",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202111-836"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2021-31890",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.4,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CVE-2021-31890",
            "impactScore": 4.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 1.0,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "nvd@nist.gov",
            "availabilityImpact": "HIGH",
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 3.9,
            "id": "CVE-2021-31890",
            "impactScore": 5.2,
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
            "version": "3.1"
          },
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "productcert@siemens.com",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 3.9,
            "id": "CVE-2021-31890",
            "impactScore": 3.6,
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2021-31890",
            "trust": 1.0,
            "value": "CRITICAL"
          },
          {
            "author": "productcert@siemens.com",
            "id": "CVE-2021-31890",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-202111-836",
            "trust": 0.6,
            "value": "CRITICAL"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202111-836"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-31890"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-31890"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "A vulnerability has been identified in Capital Embedded AR Classic 431-422 (All versions), Capital Embedded AR Classic R20-11 (All versions \u003c V2303), PLUSCONTROL 1st Gen (All versions), SIMOTICS CONNECT 400 (All versions \u003c V0.5.0.0), SIMOTICS CONNECT 400 (All versions \u003c V1.0.0.0). The total length of an TCP payload (set in the IP header) is unchecked. This may lead to various side effects, including Information Leak and Denial-of-Service conditions, depending on the network buffer organization in memory. (FSMD-2021-0017)",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2021-31890"
      }
    ],
    "trust": 1.0
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2021-31890",
        "trust": 1.6
      },
      {
        "db": "SIEMENS",
        "id": "SSA-620288",
        "trust": 1.6
      },
      {
        "db": "SIEMENS",
        "id": "SSA-044112",
        "trust": 1.6
      },
      {
        "db": "SIEMENS",
        "id": "SSA-845392",
        "trust": 1.6
      },
      {
        "db": "SIEMENS",
        "id": "SSA-223353",
        "trust": 1.6
      },
      {
        "db": "SIEMENS",
        "id": "SSA-114589",
        "trust": 1.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2022.0094",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2021.3874",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2021.4289",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2021.3833",
        "trust": 0.6
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-22-013-03",
        "trust": 0.6
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-22-069-02",
        "trust": 0.6
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-21-350-06",
        "trust": 0.6
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-21-313-03",
        "trust": 0.6
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-21-315-07",
        "trust": 0.6
      },
      {
        "db": "CS-HELP",
        "id": "SB2022031013",
        "trust": 0.6
      },
      {
        "db": "CS-HELP",
        "id": "SB2021111003",
        "trust": 0.6
      },
      {
        "db": "CS-HELP",
        "id": "SB2021121648",
        "trust": 0.6
      },
      {
        "db": "CS-HELP",
        "id": "SB2022011803",
        "trust": 0.6
      },
      {
        "db": "CS-HELP",
        "id": "SB2022010910",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202111-836",
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202111-836"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-31890"
      }
    ]
  },
  "id": "VAR-202111-1614",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VARIoT devices database",
        "id": null
      }
    ],
    "trust": 0.544069276
  },
  "last_update_date": "2024-10-08T22:30:23.900000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Siemens Nucleus Security vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=178538"
      }
    ],
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202111-836"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-240",
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2021-31890"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.6,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-845392.pdf"
      },
      {
        "trust": 1.6,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf"
      },
      {
        "trust": 1.6,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-114589.pdf"
      },
      {
        "trust": 1.6,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-223353.pdf"
      },
      {
        "trust": 1.6,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-620288.pdf"
      },
      {
        "trust": 1.0,
        "url": "https://cert-portal.siemens.com/productcert/html/ssa-044112.html"
      },
      {
        "trust": 1.0,
        "url": "https://cert-portal.siemens.com/productcert/html/ssa-114589.html"
      },
      {
        "trust": 1.0,
        "url": "https://cert-portal.siemens.com/productcert/html/ssa-223353.html"
      },
      {
        "trust": 1.0,
        "url": "https://cert-portal.siemens.com/productcert/html/ssa-620288.html"
      },
      {
        "trust": 1.0,
        "url": "https://cert-portal.siemens.com/productcert/html/ssa-845392.html"
      },
      {
        "trust": 0.6,
        "url": "https://www.cybersecurity-help.cz/vdb/sb2021111003"
      },
      {
        "trust": 0.6,
        "url": "https://source.android.com/security/bulletin/2022-01-01"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2022.0094"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2021.3833"
      },
      {
        "trust": 0.6,
        "url": "https://us-cert.cisa.gov/ics/advisories/icsa-22-069-02"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2021.3874"
      },
      {
        "trust": 0.6,
        "url": "https://vigilance.fr/vulnerability/google-android-pixel-multiple-vulnerabilities-of-january-2022-37172"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2021.4289"
      },
      {
        "trust": 0.6,
        "url": "https://www.cybersecurity-help.cz/vdb/sb2022011803"
      },
      {
        "trust": 0.6,
        "url": "https://us-cert.cisa.gov/ics/advisories/icsa-22-013-03"
      },
      {
        "trust": 0.6,
        "url": "https://www.cybersecurity-help.cz/vdb/sb2021121648"
      },
      {
        "trust": 0.6,
        "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-315-07"
      },
      {
        "trust": 0.6,
        "url": "https://www.cybersecurity-help.cz/vdb/sb2022010910"
      },
      {
        "trust": 0.6,
        "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-350-06"
      },
      {
        "trust": 0.6,
        "url": "https://www.cybersecurity-help.cz/vdb/sb2022031013"
      },
      {
        "trust": 0.6,
        "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-313-03"
      }
    ],
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202111-836"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-31890"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202111-836"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-31890"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2021-11-09T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202111-836"
      },
      {
        "date": "2021-11-09T12:15:09.743000",
        "db": "NVD",
        "id": "CVE-2021-31890"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2022-05-23T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202111-836"
      },
      {
        "date": "2024-10-08T09:15:06.630000",
        "db": "NVD",
        "id": "CVE-2021-31890"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202111-836"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Siemens Nucleus ReadyStart Security hole",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202111-836"
      }
    ],
    "trust": 0.6
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "other",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202111-836"
      }
    ],
    "trust": 0.6
  }
}

var-202104-1826
Vulnerability from variot

A vulnerability has been identified in APOGEE PXC Compact (BACnet) (All versions < V3.5.5), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.20), APOGEE PXC Modular (BACnet) (All versions < V3.5.5), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.20), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.3), Nucleus ReadyStart V4 (All versions < V4.1.0), Nucleus Source Code (Versions including affected DNS modules), SIMOTICS CONNECT 400 (All versions < V0.5.0.0), TALON TC Compact (BACnet) (All versions < V3.5.5), TALON TC Modular (BACnet) (All versions < V3.5.5). The DNS domain name label parsing functionality does not properly validate the null-terminated name in DNS-responses. The parsing of malformed responses could result in a read past the end of an allocated structure. An attacker with a privileged position in the network could leverage this vulnerability to cause a denial-of-service condition or leak the read memory. SIMOTICS CONNECT 400 is a connector and sensor box installed on a low-voltage motor and provides analysis data for the MindSphere application SIDRIVE IQ Fleet. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-202104-1826",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "nucleus readystart v3",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2017.02.3"
      },
      {
        "model": "nucleus source code",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simotics connect 400",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "0.5.0.0"
      },
      {
        "model": "nucleus net",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "nucleus readystart v4",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.1.0"
      },
      {
        "model": "simotics connect",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "400\u003cv0.5.0.0"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-28707"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-27736"
      }
    ]
  },
  "cve": "CVE-2020-27736",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.8,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.6,
            "id": "CVE-2020-27736",
            "impactScore": 4.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 1.1,
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "HIGH",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 6.1,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 4.9,
            "id": "CNVD-2021-28707",
            "impactScore": 7.8,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.6,
            "vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "author": "nvd@nist.gov",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "exploitabilityScore": 2.2,
            "id": "CVE-2020-27736",
            "impactScore": 4.2,
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 2.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H",
            "version": "3.1"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2020-27736",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "productcert@siemens.com",
            "id": "CVE-2020-27736",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2021-28707",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-202104-975",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-202104-939",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "VULMON",
            "id": "CVE-2020-27736",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-28707"
      },
      {
        "db": "VULMON",
        "id": "CVE-2020-27736"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-975"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-939"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-27736"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-27736"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "A vulnerability has been identified in APOGEE PXC Compact (BACnet) (All versions \u003c V3.5.5), APOGEE PXC Compact (P2 Ethernet) (All versions \u003c V2.8.20), APOGEE PXC Modular (BACnet) (All versions \u003c V3.5.5), APOGEE PXC Modular (P2 Ethernet) (All versions \u003c V2.8.20), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions \u003c V2017.02.3), Nucleus ReadyStart V4 (All versions \u003c V4.1.0), Nucleus Source Code (Versions including affected DNS modules), SIMOTICS CONNECT 400 (All versions \u003c V0.5.0.0), TALON TC Compact (BACnet) (All versions \u003c V3.5.5), TALON TC Modular (BACnet) (All versions \u003c V3.5.5). The DNS domain name label parsing functionality does not properly validate the null-terminated name in DNS-responses. The parsing of malformed responses could result in a read past the end of an allocated structure. An attacker with a privileged position in the network could leverage this vulnerability to cause a denial-of-service condition or leak the read memory. SIMOTICS CONNECT 400 is a connector and sensor box installed on a low-voltage motor and provides analysis data for the MindSphere application SIDRIVE IQ Fleet. Pillow is a Python-based image processing library. \nThere is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2020-27736"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2021-28707"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-975"
      },
      {
        "db": "VULMON",
        "id": "CVE-2020-27736"
      }
    ],
    "trust": 2.07
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "SIEMENS",
        "id": "SSA-669158",
        "trust": 2.3
      },
      {
        "db": "NVD",
        "id": "CVE-2020-27736",
        "trust": 2.3
      },
      {
        "db": "SIEMENS",
        "id": "SSA-705111",
        "trust": 1.7
      },
      {
        "db": "SIEMENS",
        "id": "SSA-180579",
        "trust": 1.0
      },
      {
        "db": "CNVD",
        "id": "CNVD-2021-28707",
        "trust": 0.6
      },
      {
        "db": "CS-HELP",
        "id": "SB2021041363",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-975",
        "trust": 0.6
      },
      {
        "db": "CS-HELP",
        "id": "SB2021041407",
        "trust": 0.6
      },
      {
        "db": "CS-HELP",
        "id": "SB2021041515",
        "trust": 0.6
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-21-103-13",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-939",
        "trust": 0.6
      },
      {
        "db": "VULMON",
        "id": "CVE-2020-27736",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-28707"
      },
      {
        "db": "VULMON",
        "id": "CVE-2020-27736"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-975"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-939"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-27736"
      }
    ]
  },
  "id": "VAR-202104-1826",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-28707"
      }
    ],
    "trust": 1.1595598933333333
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "Network device"
        ],
        "sub_category": null,
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-28707"
      }
    ]
  },
  "last_update_date": "2024-11-23T19:30:48.514000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Patch for Siemens SIMOTICS CONNECT 400 Denial of Service Vulnerability",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/258566"
      },
      {
        "title": "Siemens Security Advisories: Siemens Security Advisory",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=53e7f522de1910b1af8f6f92fe53b3b1"
      },
      {
        "title": "Siemens Security Advisories: Siemens Security Advisory",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=8f932b97a970d1020015c1a82a730e96"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-28707"
      },
      {
        "db": "VULMON",
        "id": "CVE-2020-27736"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-170",
        "trust": 1.0
      },
      {
        "problemtype": "CWE-125",
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2020-27736"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.3,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-669158.pdf"
      },
      {
        "trust": 1.7,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-705111.pdf"
      },
      {
        "trust": 1.0,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-180579.pdf"
      },
      {
        "trust": 0.6,
        "url": "https://www.cybersecurity-help.cz/vdb/sb2021041363"
      },
      {
        "trust": 0.6,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2020-27736"
      },
      {
        "trust": 0.6,
        "url": "https://www.cybersecurity-help.cz/vdb/sb2021041515"
      },
      {
        "trust": 0.6,
        "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-103-13"
      },
      {
        "trust": 0.6,
        "url": "https://www.cybersecurity-help.cz/vdb/sb2021041407"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/170.html"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      },
      {
        "trust": 0.1,
        "url": "https://cert-portal.siemens.com/productcert/txt/ssa-669158.txt"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-28707"
      },
      {
        "db": "VULMON",
        "id": "CVE-2020-27736"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-975"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-939"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-27736"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-28707"
      },
      {
        "db": "VULMON",
        "id": "CVE-2020-27736"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-975"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-939"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-27736"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2021-04-15T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2021-28707"
      },
      {
        "date": "2021-04-22T00:00:00",
        "db": "VULMON",
        "id": "CVE-2020-27736"
      },
      {
        "date": "2021-04-13T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202104-975"
      },
      {
        "date": "2021-04-13T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202104-939"
      },
      {
        "date": "2021-04-22T21:15:09.250000",
        "db": "NVD",
        "id": "CVE-2020-27736"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2021-04-15T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2021-28707"
      },
      {
        "date": "2021-04-30T00:00:00",
        "db": "VULMON",
        "id": "CVE-2020-27736"
      },
      {
        "date": "2021-04-14T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202104-975"
      },
      {
        "date": "2022-08-10T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202104-939"
      },
      {
        "date": "2024-11-21T05:21:43.303000",
        "db": "NVD",
        "id": "CVE-2020-27736"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-939"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Siemens SIMOTICS CONNECT 400 Denial of Service Vulnerability",
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-28707"
      }
    ],
    "trust": 0.6
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "other",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-975"
      }
    ],
    "trust": 0.6
  }
}

var-202104-1825
Vulnerability from variot

A vulnerability has been identified in APOGEE PXC Compact (BACnet) (All versions < V3.5.5), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.20), APOGEE PXC Modular (BACnet) (All versions < V3.5.5), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.20), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.3), Nucleus ReadyStart V4 (All versions < V4.1.0), Nucleus Source Code (Versions including affected DNS modules), SIMOTICS CONNECT 400 (All versions < V0.5.0.0), TALON TC Compact (BACnet) (All versions < V3.5.5), TALON TC Modular (BACnet) (All versions < V3.5.5). The DNS response parsing functionality does not properly validate various length and counts of the records. The parsing of malformed responses could result in a read past the end of an allocated structure. An attacker with a privileged position in the network could leverage this vulnerability to cause a denial-of-service condition or leak the memory past the allocated structure. SIMOTICS CONNECT 400 is a connector and sensor box installed on a low-voltage motor and provides analysis data for the MindSphere application SIDRIVE IQ Fleet.

Siemens SIMOTICS CONNECT 400 has an out-of-bounds read vulnerability. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-202104-1825",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "nucleus readystart v3",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2017.02.3"
      },
      {
        "model": "nucleus source code",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simotics connect 400",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "0.5.0.0"
      },
      {
        "model": "nucleus net",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "nucleus readystart v4",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.1.0"
      },
      {
        "model": "simotics connect",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "400\u003cv0.5.0.0"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-28706"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-27737"
      }
    ]
  },
  "cve": "CVE-2020-27737",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.8,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.6,
            "id": "CVE-2020-27737",
            "impactScore": 4.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 1.1,
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "HIGH",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 6.1,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 4.9,
            "id": "CNVD-2021-28706",
            "impactScore": 7.8,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.6,
            "vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "author": "nvd@nist.gov",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "exploitabilityScore": 2.2,
            "id": "CVE-2020-27737",
            "impactScore": 4.2,
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 2.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H",
            "version": "3.1"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2020-27737",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "productcert@siemens.com",
            "id": "CVE-2020-27737",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2021-28706",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-202104-975",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-202104-938",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "VULMON",
            "id": "CVE-2020-27737",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-28706"
      },
      {
        "db": "VULMON",
        "id": "CVE-2020-27737"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-975"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-938"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-27737"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-27737"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "A vulnerability has been identified in APOGEE PXC Compact (BACnet) (All versions \u003c V3.5.5), APOGEE PXC Compact (P2 Ethernet) (All versions \u003c V2.8.20), APOGEE PXC Modular (BACnet) (All versions \u003c V3.5.5), APOGEE PXC Modular (P2 Ethernet) (All versions \u003c V2.8.20), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions \u003c V2017.02.3), Nucleus ReadyStart V4 (All versions \u003c V4.1.0), Nucleus Source Code (Versions including affected DNS modules), SIMOTICS CONNECT 400 (All versions \u003c V0.5.0.0), TALON TC Compact (BACnet) (All versions \u003c V3.5.5), TALON TC Modular (BACnet) (All versions \u003c V3.5.5). The DNS response parsing functionality does not properly validate various length and counts of the records. The parsing of malformed responses could result in a read past the end of an allocated structure. An attacker with a privileged position in the network could leverage this vulnerability to cause a denial-of-service condition  or leak the memory past the allocated structure. SIMOTICS CONNECT 400 is a connector and sensor box installed on a low-voltage motor and provides analysis data for the MindSphere application SIDRIVE IQ Fleet. \n\r\n\r\nSiemens SIMOTICS CONNECT 400 has an out-of-bounds read vulnerability. Pillow is a Python-based image processing library. \nThere is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2020-27737"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2021-28706"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-975"
      },
      {
        "db": "VULMON",
        "id": "CVE-2020-27737"
      }
    ],
    "trust": 2.07
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2020-27737",
        "trust": 2.3
      },
      {
        "db": "SIEMENS",
        "id": "SSA-669158",
        "trust": 2.3
      },
      {
        "db": "SIEMENS",
        "id": "SSA-705111",
        "trust": 1.7
      },
      {
        "db": "SIEMENS",
        "id": "SSA-180579",
        "trust": 1.0
      },
      {
        "db": "CNVD",
        "id": "CNVD-2021-28706",
        "trust": 0.6
      },
      {
        "db": "CS-HELP",
        "id": "SB2021041363",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-975",
        "trust": 0.6
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-21-103-13",
        "trust": 0.6
      },
      {
        "db": "CS-HELP",
        "id": "SB2021041407",
        "trust": 0.6
      },
      {
        "db": "CS-HELP",
        "id": "SB2021041515",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-938",
        "trust": 0.6
      },
      {
        "db": "VULMON",
        "id": "CVE-2020-27737",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-28706"
      },
      {
        "db": "VULMON",
        "id": "CVE-2020-27737"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-975"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-938"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-27737"
      }
    ]
  },
  "id": "VAR-202104-1825",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-28706"
      }
    ],
    "trust": 1.1595598933333333
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "Network device"
        ],
        "sub_category": null,
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-28706"
      }
    ]
  },
  "last_update_date": "2024-11-23T20:59:06.066000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Patch for Siemens SIMOTICS CONNECT 400 out-of-bounds read vulnerability",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/258571"
      },
      {
        "title": "Siemens Security Advisories: Siemens Security Advisory",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=53e7f522de1910b1af8f6f92fe53b3b1"
      },
      {
        "title": "Siemens Security Advisories: Siemens Security Advisory",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=8f932b97a970d1020015c1a82a730e96"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-28706"
      },
      {
        "db": "VULMON",
        "id": "CVE-2020-27737"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-125",
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2020-27737"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.3,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-669158.pdf"
      },
      {
        "trust": 1.7,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-705111.pdf"
      },
      {
        "trust": 1.0,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-180579.pdf"
      },
      {
        "trust": 0.6,
        "url": "https://www.cybersecurity-help.cz/vdb/sb2021041363"
      },
      {
        "trust": 0.6,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2020-27737"
      },
      {
        "trust": 0.6,
        "url": "https://www.cybersecurity-help.cz/vdb/sb2021041515"
      },
      {
        "trust": 0.6,
        "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-103-13"
      },
      {
        "trust": 0.6,
        "url": "https://www.cybersecurity-help.cz/vdb/sb2021041407"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/125.html"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      },
      {
        "trust": 0.1,
        "url": "https://cert-portal.siemens.com/productcert/txt/ssa-669158.txt"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-28706"
      },
      {
        "db": "VULMON",
        "id": "CVE-2020-27737"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-975"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-938"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-27737"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-28706"
      },
      {
        "db": "VULMON",
        "id": "CVE-2020-27737"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-975"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-938"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-27737"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2021-04-15T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2021-28706"
      },
      {
        "date": "2021-04-22T00:00:00",
        "db": "VULMON",
        "id": "CVE-2020-27737"
      },
      {
        "date": "2021-04-13T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202104-975"
      },
      {
        "date": "2021-04-13T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202104-938"
      },
      {
        "date": "2021-04-22T21:15:09.280000",
        "db": "NVD",
        "id": "CVE-2020-27737"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2021-04-15T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2021-28706"
      },
      {
        "date": "2021-04-30T00:00:00",
        "db": "VULMON",
        "id": "CVE-2020-27737"
      },
      {
        "date": "2021-04-14T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202104-975"
      },
      {
        "date": "2022-03-11T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202104-938"
      },
      {
        "date": "2024-11-21T05:21:43.447000",
        "db": "NVD",
        "id": "CVE-2020-27737"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-938"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Siemens SIMOTICS CONNECT 400 out-of-bounds read vulnerability",
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-28706"
      }
    ],
    "trust": 0.6
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "other",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-975"
      }
    ],
    "trust": 0.6
  }
}

var-202111-1606
Vulnerability from variot

A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC) (P2 Ethernet) (All versions), APOGEE MEC (PPC) (BACnet) (All versions), APOGEE MEC (PPC) (P2 Ethernet) (All versions), APOGEE PXC Compact (BACnet) (All versions < V3.5.4), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.19), APOGEE PXC Modular (BACnet) (All versions < V3.5.4), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.19), Desigo PXC00-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC00-U (All versions >= V2.3 and < V6.30.016), Desigo PXC001-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC100-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC12-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC128-U (All versions >= V2.3 and < V6.30.016), Desigo PXC200-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC22-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC22.1-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC36.1-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC50-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC64-U (All versions >= V2.3 and < V6.30.016), Desigo PXM20-E (All versions >= V2.3 and < V6.30.016), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.4), Nucleus ReadyStart V4 (All versions < V4.1.1), Nucleus Source Code (All versions), PLUSCONTROL 1st Gen (All versions), TALON TC Compact (BACnet) (All versions < V3.5.4), TALON TC Modular (BACnet) (All versions < V3.5.4). TFTP server application allows for reading the contents of the TFTP memory buffer via sending malformed TFTP commands. (FSMD-2021-0009). Several Siemens products contain vulnerabilities in accessing buffers with improper length values.Information may be obtained

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-202111-1606",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "nucleus readystart v4",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.1.1"
      },
      {
        "model": "capital vstar",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "apogee pxc compact",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "nucleus source code",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "talon tc compact",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "apogee pxc modular",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "talon tc modular",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "nucleus readystart v3",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2017.02.4"
      },
      {
        "model": "nucleus net",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "apogee modular equiment controller",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "apogee modular building controller",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "nucleus readystart v4",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "nucleus readystart v3",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "apogee modular equiment controller",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "talon tc modular",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "apogee modular building controller",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "apogee pxc modular",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "apogee pxc compact",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "nucleus net",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "nucleus source code",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "capital vstar",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "talon tc compact",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-006566"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-31885"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Siemens reported these vulnerabilities to CISA.",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202111-845"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2021-31885",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CVE-2021-31885",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 1.8,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 3.9,
            "id": "CVE-2021-31885",
            "impactScore": 3.6,
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Network",
            "author": "NVD",
            "availabilityImpact": "None",
            "baseScore": 7.5,
            "baseSeverity": "High",
            "confidentialityImpact": "High",
            "exploitabilityScore": null,
            "id": "CVE-2021-31885",
            "impactScore": null,
            "integrityImpact": "None",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2021-31885",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "NVD",
            "id": "CVE-2021-31885",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-202111-845",
            "trust": 0.6,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-006566"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202111-845"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-31885"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC) (P2 Ethernet) (All versions), APOGEE MEC (PPC) (BACnet) (All versions), APOGEE MEC (PPC) (P2 Ethernet) (All versions), APOGEE PXC Compact (BACnet) (All versions \u003c V3.5.4), APOGEE PXC Compact (P2 Ethernet) (All versions \u003c V2.8.19), APOGEE PXC Modular (BACnet) (All versions \u003c V3.5.4), APOGEE PXC Modular (P2 Ethernet) (All versions \u003c V2.8.19), Desigo PXC00-E.D (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC00-U (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC001-E.D (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC100-E.D (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC12-E.D (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC128-U (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC200-E.D (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC22-E.D (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC22.1-E.D (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC36.1-E.D (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC50-E.D (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC64-U (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXM20-E (All versions \u003e= V2.3 and \u003c V6.30.016), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions \u003c V2017.02.4), Nucleus ReadyStart V4 (All versions \u003c V4.1.1), Nucleus Source Code (All versions), PLUSCONTROL 1st Gen (All versions), TALON TC Compact (BACnet) (All versions \u003c V3.5.4), TALON TC Modular (BACnet) (All versions \u003c V3.5.4). TFTP server application allows for reading the contents of the TFTP memory buffer via sending malformed TFTP commands. (FSMD-2021-0009). Several Siemens products contain vulnerabilities in accessing buffers with improper length values.Information may be obtained",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2021-31885"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-006566"
      }
    ],
    "trust": 1.62
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2021-31885",
        "trust": 3.2
      },
      {
        "db": "SIEMENS",
        "id": "SSA-044112",
        "trust": 1.6
      },
      {
        "db": "SIEMENS",
        "id": "SSA-845392",
        "trust": 1.6
      },
      {
        "db": "SIEMENS",
        "id": "SSA-114589",
        "trust": 1.6
      },
      {
        "db": "JVN",
        "id": "JVNVU98508242",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-006566",
        "trust": 0.8
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-21-313-03",
        "trust": 0.6
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-21-315-07",
        "trust": 0.6
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-22-013-03",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2021.3874",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2021.3833",
        "trust": 0.6
      },
      {
        "db": "CS-HELP",
        "id": "SB2021111003",
        "trust": 0.6
      },
      {
        "db": "CS-HELP",
        "id": "SB2022011803",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202111-845",
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-006566"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202111-845"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-31885"
      }
    ]
  },
  "id": "VAR-202111-1606",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VARIoT devices database",
        "id": null
      }
    ],
    "trust": 0.544069276
  },
  "last_update_date": "2024-08-14T13:10:16.122000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Multiple\u00a0Vulnerabilities\u00a0in\u00a0Nucleus\u00a0RTOS\u00a0based\u00a0APOGEE,\u00a0TALON\u00a0and\u00a0Desigo\u00a0PXC/PXM\u00a0Products",
        "trust": 0.8,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf"
      },
      {
        "title": "Siemens Nucleus ReadyStart Security vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=178540"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-006566"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202111-845"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-805",
        "trust": 1.0
      },
      {
        "problemtype": "Accessing the buffer with improper length values (CWE-805) [ Other ]",
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-006566"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-31885"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.6,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-845392.pdf"
      },
      {
        "trust": 1.6,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf"
      },
      {
        "trust": 1.6,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-114589.pdf"
      },
      {
        "trust": 0.8,
        "url": "https://jvn.jp/vu/jvnvu98508242/"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-31885"
      },
      {
        "trust": 0.6,
        "url": "https://www.cybersecurity-help.cz/vdb/sb2021111003"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2021.3874"
      },
      {
        "trust": 0.6,
        "url": "https://www.cybersecurity-help.cz/vdb/sb2022011803"
      },
      {
        "trust": 0.6,
        "url": "https://us-cert.cisa.gov/ics/advisories/icsa-22-013-03"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2021.3833"
      },
      {
        "trust": 0.6,
        "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-315-07"
      },
      {
        "trust": 0.6,
        "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-313-03"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-006566"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202111-845"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-31885"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-006566"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202111-845"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-31885"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2022-01-13T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2021-006566"
      },
      {
        "date": "2021-11-09T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202111-845"
      },
      {
        "date": "2021-11-09T12:15:09.487000",
        "db": "NVD",
        "id": "CVE-2021-31885"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2022-01-13T06:17:00",
        "db": "JVNDB",
        "id": "JVNDB-2021-006566"
      },
      {
        "date": "2022-05-23T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202111-845"
      },
      {
        "date": "2022-05-20T13:15:12.843000",
        "db": "NVD",
        "id": "CVE-2021-31885"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202111-845"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Vulnerability in accessing buffers with improper length values in multiple Siemens products",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-006566"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "other",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202111-845"
      }
    ],
    "trust": 0.6
  }
}

var-202104-1824
Vulnerability from variot

A vulnerability has been identified in APOGEE PXC Compact (BACnet) (All versions < V3.5.5), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.20), APOGEE PXC Modular (BACnet) (All versions < V3.5.5), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.20), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.3), Nucleus ReadyStart V4 (All versions < V4.1.0), Nucleus Source Code (Versions including affected DNS modules), SIMOTICS CONNECT 400 (All versions < V0.5.0.0), TALON TC Compact (BACnet) (All versions < V3.5.5), TALON TC Modular (BACnet) (All versions < V3.5.5). The DNS domain name record decompression functionality does not properly validate the pointer offset values. The parsing of malformed responses could result in a read access past the end of an allocated structure. An attacker with a privileged position in the network could leverage this vulnerability to cause a denial-of-service condition. SIMOTICS CONNECT 400 is a connector and sensor box installed on a low-voltage motor and provides analysis data for the MindSphere application SIDRIVE IQ Fleet.

Siemens SIMOTICS CONNECT 400 has a denial of service vulnerability. Attackers can use vulnerabilities to cause denial of service. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-202104-1824",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "nucleus readystart v3",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2017.02.3"
      },
      {
        "model": "nucleus source code",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simotics connect 400",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "0.5.0.0"
      },
      {
        "model": "nucleus net",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "nucleus readystart v4",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.1.0"
      },
      {
        "model": "simotics connect",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "400\u003cv0.5.0.0"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-28705"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-27738"
      }
    ]
  },
  "cve": "CVE-2020-27738",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.8,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.6,
            "id": "CVE-2020-27738",
            "impactScore": 4.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 1.0,
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "HIGH",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 6.1,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 4.9,
            "id": "CNVD-2021-28705",
            "impactScore": 7.8,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.6,
            "vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:C",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULMON",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.4,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CVE-2020-27738",
            "impactScore": 4.9,
            "integrityImpact": "NONE",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "MEDIUM",
            "trust": 0.1,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "author": "nvd@nist.gov",
            "availabilityImpact": "HIGH",
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 2.2,
            "id": "CVE-2020-27738",
            "impactScore": 5.2,
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H",
            "version": "3.1"
          },
          {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "author": "productcert@siemens.com",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "exploitabilityScore": 2.2,
            "id": "CVE-2020-27738",
            "impactScore": 4.2,
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H",
            "version": "3.1"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2020-27738",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "productcert@siemens.com",
            "id": "CVE-2020-27738",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2021-28705",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-202104-975",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-202104-934",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "VULMON",
            "id": "CVE-2020-27738",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-28705"
      },
      {
        "db": "VULMON",
        "id": "CVE-2020-27738"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-975"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-934"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-27738"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-27738"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "A vulnerability has been identified in APOGEE PXC Compact (BACnet) (All versions \u003c V3.5.5), APOGEE PXC Compact (P2 Ethernet) (All versions \u003c V2.8.20), APOGEE PXC Modular (BACnet) (All versions \u003c V3.5.5), APOGEE PXC Modular (P2 Ethernet) (All versions \u003c V2.8.20), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions \u003c V2017.02.3), Nucleus ReadyStart V4 (All versions \u003c V4.1.0), Nucleus Source Code (Versions including affected DNS modules), SIMOTICS CONNECT 400 (All versions \u003c V0.5.0.0), TALON TC Compact (BACnet) (All versions \u003c V3.5.5), TALON TC Modular (BACnet) (All versions \u003c V3.5.5). The DNS domain name record decompression functionality does not properly validate the pointer offset values. The parsing of malformed responses could result in a read access past the end of an allocated structure. An attacker with a privileged position in the network could leverage this vulnerability to cause a denial-of-service condition. SIMOTICS CONNECT 400 is a connector and sensor box installed on a low-voltage motor and provides analysis data for the MindSphere application SIDRIVE IQ Fleet. \n\r\n\r\nSiemens SIMOTICS CONNECT 400 has a denial of service vulnerability. Attackers can use vulnerabilities to cause denial of service. Pillow is a Python-based image processing library. \nThere is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2020-27738"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2021-28705"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-975"
      },
      {
        "db": "VULMON",
        "id": "CVE-2020-27738"
      }
    ],
    "trust": 2.07
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "SIEMENS",
        "id": "SSA-669158",
        "trust": 2.3
      },
      {
        "db": "NVD",
        "id": "CVE-2020-27738",
        "trust": 2.3
      },
      {
        "db": "SIEMENS",
        "id": "SSA-705111",
        "trust": 1.7
      },
      {
        "db": "SIEMENS",
        "id": "SSA-180579",
        "trust": 1.0
      },
      {
        "db": "CNVD",
        "id": "CNVD-2021-28705",
        "trust": 0.6
      },
      {
        "db": "CS-HELP",
        "id": "SB2021041363",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-975",
        "trust": 0.6
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-21-103-13",
        "trust": 0.6
      },
      {
        "db": "CS-HELP",
        "id": "SB2021041407",
        "trust": 0.6
      },
      {
        "db": "CS-HELP",
        "id": "SB2021041515",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-934",
        "trust": 0.6
      },
      {
        "db": "VULMON",
        "id": "CVE-2020-27738",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-28705"
      },
      {
        "db": "VULMON",
        "id": "CVE-2020-27738"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-975"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-934"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-27738"
      }
    ]
  },
  "id": "VAR-202104-1824",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-28705"
      }
    ],
    "trust": 1.1595598933333333
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "Network device"
        ],
        "sub_category": null,
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-28705"
      }
    ]
  },
  "last_update_date": "2024-11-23T21:31:31.460000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Patch for Siemens SIMOTICS CONNECT 400 Denial of Service Vulnerability (CNVD-2021-28705)",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/258576"
      },
      {
        "title": "Siemens Security Advisories: Siemens Security Advisory",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=53e7f522de1910b1af8f6f92fe53b3b1"
      },
      {
        "title": "Siemens Security Advisories: Siemens Security Advisory",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=8f932b97a970d1020015c1a82a730e96"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-28705"
      },
      {
        "db": "VULMON",
        "id": "CVE-2020-27738"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-119",
        "trust": 1.0
      },
      {
        "problemtype": "CWE-788",
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2020-27738"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.3,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-669158.pdf"
      },
      {
        "trust": 1.7,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-705111.pdf"
      },
      {
        "trust": 1.0,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-180579.pdf"
      },
      {
        "trust": 0.6,
        "url": "https://www.cybersecurity-help.cz/vdb/sb2021041363"
      },
      {
        "trust": 0.6,
        "url": "https://www.cybersecurity-help.cz/vdb/sb2021041515"
      },
      {
        "trust": 0.6,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2020-27738"
      },
      {
        "trust": 0.6,
        "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-103-13"
      },
      {
        "trust": 0.6,
        "url": "https://www.cybersecurity-help.cz/vdb/sb2021041407"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/119.html"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      },
      {
        "trust": 0.1,
        "url": "https://cert-portal.siemens.com/productcert/txt/ssa-669158.txt"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-28705"
      },
      {
        "db": "VULMON",
        "id": "CVE-2020-27738"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-975"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-934"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-27738"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-28705"
      },
      {
        "db": "VULMON",
        "id": "CVE-2020-27738"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-975"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-934"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-27738"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2021-04-15T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2021-28705"
      },
      {
        "date": "2021-04-22T00:00:00",
        "db": "VULMON",
        "id": "CVE-2020-27738"
      },
      {
        "date": "2021-04-13T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202104-975"
      },
      {
        "date": "2021-04-13T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202104-934"
      },
      {
        "date": "2021-04-22T21:15:09.313000",
        "db": "NVD",
        "id": "CVE-2020-27738"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2021-04-15T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2021-28705"
      },
      {
        "date": "2021-04-30T00:00:00",
        "db": "VULMON",
        "id": "CVE-2020-27738"
      },
      {
        "date": "2021-04-14T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202104-975"
      },
      {
        "date": "2022-01-12T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202104-934"
      },
      {
        "date": "2024-11-21T05:21:43.600000",
        "db": "NVD",
        "id": "CVE-2020-27738"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-934"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Siemens SIMOTICS CONNECT 400 Denial of Service Vulnerability (CNVD-2021-28705)",
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-28705"
      }
    ],
    "trust": 0.6
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "other",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-975"
      }
    ],
    "trust": 0.6
  }
}

var-202111-1611
Vulnerability from variot

A vulnerability has been identified in Capital Embedded AR Classic 431-422 (All versions), Capital Embedded AR Classic R20-11 (All versions < V2303), PLUSCONTROL 1st Gen (All versions), SIMOTICS CONNECT 400 (All versions < V0.5.0.0), SIMOTICS CONNECT 400 (All versions < V1.0.0.0). The total length of an ICMP payload (set in the IP header) is unchecked. This may lead to various side effects, including Information Leak and Denial-of-Service conditions, depending on the network buffer organization in memory. (FSMD-2021-0007)

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-202111-1611",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "nucleus readystart v4",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.1.1"
      },
      {
        "model": "apogee modular building controller",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "talon tc compact",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "apogee pxc compact",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "nucleus net",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "nucleus source code",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "apogee pxc modular",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "talon tc modular",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "capital vstar",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "nucleus readystart v3",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2017.02.1"
      },
      {
        "model": "apogee modular equiment controller",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2021-31346"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Siemens reported these vulnerabilities to CISA.",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202111-851"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2021-31346",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.4,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CVE-2021-31346",
            "impactScore": 4.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 1.0,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "nvd@nist.gov",
            "availabilityImpact": "HIGH",
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 3.9,
            "id": "CVE-2021-31346",
            "impactScore": 5.2,
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
            "version": "3.1"
          },
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "productcert@siemens.com",
            "availabilityImpact": "HIGH",
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "LOW",
            "exploitabilityScore": 3.9,
            "id": "CVE-2021-31346",
            "impactScore": 4.2,
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H",
            "version": "3.1"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2021-31346",
            "trust": 1.0,
            "value": "CRITICAL"
          },
          {
            "author": "productcert@siemens.com",
            "id": "CVE-2021-31346",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-202111-851",
            "trust": 0.6,
            "value": "CRITICAL"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202111-851"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-31346"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-31346"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "A vulnerability has been identified in Capital Embedded AR Classic 431-422 (All versions), Capital Embedded AR Classic R20-11 (All versions \u003c V2303), PLUSCONTROL 1st Gen (All versions), SIMOTICS CONNECT 400 (All versions \u003c V0.5.0.0), SIMOTICS CONNECT 400 (All versions \u003c V1.0.0.0). The total length of an ICMP payload (set in the IP header) is unchecked. This may lead to various side effects, including Information Leak and Denial-of-Service conditions, depending on the network buffer organization in memory. (FSMD-2021-0007)",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2021-31346"
      }
    ],
    "trust": 1.0
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2021-31346",
        "trust": 1.6
      },
      {
        "db": "SIEMENS",
        "id": "SSA-620288",
        "trust": 1.6
      },
      {
        "db": "SIEMENS",
        "id": "SSA-044112",
        "trust": 1.6
      },
      {
        "db": "SIEMENS",
        "id": "SSA-845392",
        "trust": 1.6
      },
      {
        "db": "SIEMENS",
        "id": "SSA-223353",
        "trust": 1.6
      },
      {
        "db": "SIEMENS",
        "id": "SSA-114589",
        "trust": 1.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2022.0094",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2021.3874",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2021.4289",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2021.3833",
        "trust": 0.6
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-22-013-03",
        "trust": 0.6
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-22-069-02",
        "trust": 0.6
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-21-350-06",
        "trust": 0.6
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-21-313-03",
        "trust": 0.6
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-21-315-07",
        "trust": 0.6
      },
      {
        "db": "CS-HELP",
        "id": "SB2022031013",
        "trust": 0.6
      },
      {
        "db": "CS-HELP",
        "id": "SB2021111003",
        "trust": 0.6
      },
      {
        "db": "CS-HELP",
        "id": "SB2021121648",
        "trust": 0.6
      },
      {
        "db": "CS-HELP",
        "id": "SB2022011803",
        "trust": 0.6
      },
      {
        "db": "CS-HELP",
        "id": "SB2022010910",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202111-851",
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202111-851"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-31346"
      }
    ]
  },
  "id": "VAR-202111-1611",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VARIoT devices database",
        "id": null
      }
    ],
    "trust": 0.544069276
  },
  "last_update_date": "2024-10-08T21:00:05.053000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "siemens Nucleus Security vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=185269"
      }
    ],
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202111-851"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-1284",
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2021-31346"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.6,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-845392.pdf"
      },
      {
        "trust": 1.6,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf"
      },
      {
        "trust": 1.6,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-114589.pdf"
      },
      {
        "trust": 1.6,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-223353.pdf"
      },
      {
        "trust": 1.6,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-620288.pdf"
      },
      {
        "trust": 1.0,
        "url": "https://cert-portal.siemens.com/productcert/html/ssa-044112.html"
      },
      {
        "trust": 1.0,
        "url": "https://cert-portal.siemens.com/productcert/html/ssa-114589.html"
      },
      {
        "trust": 1.0,
        "url": "https://cert-portal.siemens.com/productcert/html/ssa-223353.html"
      },
      {
        "trust": 1.0,
        "url": "https://cert-portal.siemens.com/productcert/html/ssa-620288.html"
      },
      {
        "trust": 1.0,
        "url": "https://cert-portal.siemens.com/productcert/html/ssa-845392.html"
      },
      {
        "trust": 0.6,
        "url": "https://www.cybersecurity-help.cz/vdb/sb2021111003"
      },
      {
        "trust": 0.6,
        "url": "https://source.android.com/security/bulletin/2022-01-01"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2022.0094"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2021.3833"
      },
      {
        "trust": 0.6,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-31346"
      },
      {
        "trust": 0.6,
        "url": "https://us-cert.cisa.gov/ics/advisories/icsa-22-069-02"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2021.3874"
      },
      {
        "trust": 0.6,
        "url": "https://vigilance.fr/vulnerability/google-android-pixel-multiple-vulnerabilities-of-january-2022-37172"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2021.4289"
      },
      {
        "trust": 0.6,
        "url": "https://www.cybersecurity-help.cz/vdb/sb2022011803"
      },
      {
        "trust": 0.6,
        "url": "https://us-cert.cisa.gov/ics/advisories/icsa-22-013-03"
      },
      {
        "trust": 0.6,
        "url": "https://www.cybersecurity-help.cz/vdb/sb2021121648"
      },
      {
        "trust": 0.6,
        "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-315-07"
      },
      {
        "trust": 0.6,
        "url": "https://www.cybersecurity-help.cz/vdb/sb2022010910"
      },
      {
        "trust": 0.6,
        "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-350-06"
      },
      {
        "trust": 0.6,
        "url": "https://www.cybersecurity-help.cz/vdb/sb2022031013"
      },
      {
        "trust": 0.6,
        "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-313-03"
      }
    ],
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202111-851"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-31346"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202111-851"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-31346"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2021-11-09T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202111-851"
      },
      {
        "date": "2021-11-09T12:15:09.200000",
        "db": "NVD",
        "id": "CVE-2021-31346"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2022-05-23T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202111-851"
      },
      {
        "date": "2024-10-08T09:15:04.353000",
        "db": "NVD",
        "id": "CVE-2021-31346"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202111-851"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Siemens Nucleus Security hole",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202111-851"
      }
    ],
    "trust": 0.6
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "other",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202111-851"
      }
    ],
    "trust": 0.6
  }
}