All the vulnerabilites related to Siemens - PLUSCONTROL 1st Gen
cve-2021-31889
Vulnerability from cvelistv5
Published
2021-11-09 11:32
Modified
2024-10-08 08:39
Summary
A vulnerability has been identified in Capital Embedded AR Classic 431-422 (All versions), Capital Embedded AR Classic R20-11 (All versions < V2303), PLUSCONTROL 1st Gen (All versions), SIMOTICS CONNECT 400 (All versions < V0.5.0.0). Malformed TCP packets with a corrupted SACK option leads to Information Leaks and Denial-of-Service conditions. (FSMD-2021-0015)
Impacted products
Vendor Product Version
Siemens Capital Embedded AR Classic R20-11 Version: 0   < V2303
Siemens PLUSCONTROL 1st Gen Version: All versions
Siemens SIMOTICS CONNECT 400 Version: All versions < V0.5.0.0
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T23:10:30.703Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-114589.pdf"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-620288.pdf"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-845392.pdf"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-223353.pdf"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "Capital Embedded AR Classic 431-422",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "*",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "Capital Embedded AR Classic R20-11",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V2303",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "PLUSCONTROL 1st Gen",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMOTICS CONNECT 400",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V0.5.0.0"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in Capital Embedded AR Classic 431-422 (All versions), Capital Embedded AR Classic R20-11 (All versions \u003c V2303), PLUSCONTROL 1st Gen (All versions), SIMOTICS CONNECT 400 (All versions \u003c V0.5.0.0). Malformed TCP packets with a corrupted SACK option leads to Information Leaks and Denial-of-Service conditions. (FSMD-2021-0015)"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-191",
              "description": "CWE-191: Integer Underflow (Wrap or Wraparound)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-10-08T08:39:49.251Z",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-114589.pdf"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-620288.pdf"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-845392.pdf"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-223353.pdf"
        },
        {
          "url": "https://cert-portal.siemens.com/productcert/html/ssa-114589.html"
        },
        {
          "url": "https://cert-portal.siemens.com/productcert/html/ssa-044112.html"
        },
        {
          "url": "https://cert-portal.siemens.com/productcert/html/ssa-620288.html"
        },
        {
          "url": "https://cert-portal.siemens.com/productcert/html/ssa-845392.html"
        },
        {
          "url": "https://cert-portal.siemens.com/productcert/html/ssa-223353.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2021-31889",
    "datePublished": "2021-11-09T11:32:01",
    "dateReserved": "2021-04-29T00:00:00",
    "dateUpdated": "2024-10-08T08:39:49.251Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-31346
Vulnerability from cvelistv5
Published
2021-11-09 11:31
Modified
2024-10-08 08:39
Summary
A vulnerability has been identified in Capital Embedded AR Classic 431-422 (All versions), Capital Embedded AR Classic R20-11 (All versions < V2303), PLUSCONTROL 1st Gen (All versions), SIMOTICS CONNECT 400 (All versions < V0.5.0.0), SIMOTICS CONNECT 400 (All versions < V1.0.0.0). The total length of an ICMP payload (set in the IP header) is unchecked. This may lead to various side effects, including Information Leak and Denial-of-Service conditions, depending on the network buffer organization in memory. (FSMD-2021-0007)
Impacted products
Vendor Product Version
Siemens Capital Embedded AR Classic R20-11 Version: 0   < V2303
Siemens PLUSCONTROL 1st Gen Version: All versions
Siemens SIMOTICS CONNECT 400 Version: All versions < V0.5.0.0
Siemens SIMOTICS CONNECT 400 Version: All versions < V1.0.0.0
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T22:55:53.543Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-114589.pdf"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-620288.pdf"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-845392.pdf"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-223353.pdf"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "Capital Embedded AR Classic 431-422",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "*",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "Capital Embedded AR Classic R20-11",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V2303",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "PLUSCONTROL 1st Gen",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMOTICS CONNECT 400",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V0.5.0.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMOTICS CONNECT 400",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V1.0.0.0"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in Capital Embedded AR Classic 431-422 (All versions), Capital Embedded AR Classic R20-11 (All versions \u003c V2303), PLUSCONTROL 1st Gen (All versions), SIMOTICS CONNECT 400 (All versions \u003c V0.5.0.0), SIMOTICS CONNECT 400 (All versions \u003c V1.0.0.0). The total length of an ICMP payload (set in the IP header) is unchecked. This may lead to various side effects, including Information Leak and Denial-of-Service conditions, depending on the network buffer organization in memory. (FSMD-2021-0007)"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-1284",
              "description": "CWE-1284: Improper Validation of Specified Quantity in Input",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-10-08T08:39:43.642Z",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-114589.pdf"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-620288.pdf"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-845392.pdf"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-223353.pdf"
        },
        {
          "url": "https://cert-portal.siemens.com/productcert/html/ssa-114589.html"
        },
        {
          "url": "https://cert-portal.siemens.com/productcert/html/ssa-044112.html"
        },
        {
          "url": "https://cert-portal.siemens.com/productcert/html/ssa-620288.html"
        },
        {
          "url": "https://cert-portal.siemens.com/productcert/html/ssa-845392.html"
        },
        {
          "url": "https://cert-portal.siemens.com/productcert/html/ssa-223353.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2021-31346",
    "datePublished": "2021-11-09T11:31:53",
    "dateReserved": "2021-04-15T00:00:00",
    "dateUpdated": "2024-10-08T08:39:43.642Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-31890
Vulnerability from cvelistv5
Published
2021-11-09 11:32
Modified
2024-10-08 08:39
Summary
A vulnerability has been identified in Capital Embedded AR Classic 431-422 (All versions), Capital Embedded AR Classic R20-11 (All versions < V2303), PLUSCONTROL 1st Gen (All versions), SIMOTICS CONNECT 400 (All versions < V0.5.0.0), SIMOTICS CONNECT 400 (All versions < V1.0.0.0). The total length of an TCP payload (set in the IP header) is unchecked. This may lead to various side effects, including Information Leak and Denial-of-Service conditions, depending on the network buffer organization in memory. (FSMD-2021-0017)
Impacted products
Vendor Product Version
Siemens Capital Embedded AR Classic R20-11 Version: 0   < V2303
Siemens PLUSCONTROL 1st Gen Version: All versions
Siemens SIMOTICS CONNECT 400 Version: All versions < V0.5.0.0
Siemens SIMOTICS CONNECT 400 Version: All versions < V1.0.0.0
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T23:10:30.798Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-114589.pdf"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-620288.pdf"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-845392.pdf"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-223353.pdf"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "Capital Embedded AR Classic 431-422",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "*",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "Capital Embedded AR Classic R20-11",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V2303",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "PLUSCONTROL 1st Gen",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMOTICS CONNECT 400",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V0.5.0.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMOTICS CONNECT 400",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V1.0.0.0"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in Capital Embedded AR Classic 431-422 (All versions), Capital Embedded AR Classic R20-11 (All versions \u003c V2303), PLUSCONTROL 1st Gen (All versions), SIMOTICS CONNECT 400 (All versions \u003c V0.5.0.0), SIMOTICS CONNECT 400 (All versions \u003c V1.0.0.0). The total length of an TCP payload (set in the IP header) is unchecked. This may lead to various side effects, including Information Leak and Denial-of-Service conditions, depending on the network buffer organization in memory. (FSMD-2021-0017)"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-240",
              "description": "CWE-240: Improper Handling of Inconsistent Structural Elements",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-10-08T08:39:50.678Z",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-114589.pdf"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-620288.pdf"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-845392.pdf"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-223353.pdf"
        },
        {
          "url": "https://cert-portal.siemens.com/productcert/html/ssa-114589.html"
        },
        {
          "url": "https://cert-portal.siemens.com/productcert/html/ssa-044112.html"
        },
        {
          "url": "https://cert-portal.siemens.com/productcert/html/ssa-620288.html"
        },
        {
          "url": "https://cert-portal.siemens.com/productcert/html/ssa-845392.html"
        },
        {
          "url": "https://cert-portal.siemens.com/productcert/html/ssa-223353.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2021-31890",
    "datePublished": "2021-11-09T11:32:02",
    "dateReserved": "2021-04-29T00:00:00",
    "dateUpdated": "2024-10-08T08:39:50.678Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-28388
Vulnerability from cvelistv5
Published
2021-02-09 00:00
Modified
2024-08-04 16:33
Summary
A vulnerability has been identified in APOGEE PXC Compact (BACnet) (All versions < V3.5.5), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.20), APOGEE PXC Modular (BACnet) (All versions < V3.5.5), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.20), Nucleus NET (All versions < V5.2), Nucleus ReadyStart V3 (All versions < V2012.12), Nucleus Source Code (All versions), PLUSCONTROL 1st Gen (All versions), TALON TC Compact (BACnet) (All versions < V3.5.5), TALON TC Modular (BACnet) (All versions < V3.5.5). Initial Sequence Numbers (ISNs) for TCP connections are derived from an insufficiently random source. As a result, the ISN of current and future TCP connections could be predictable. An attacker could hijack existing sessions or spoof future ones.
Impacted products
Vendor Product Version
Siemens APOGEE PXC Compact (P2 Ethernet) Version: All versions < V2.8.20
Siemens APOGEE PXC Modular (BACnet) Version: All versions < V3.5.5
Siemens APOGEE PXC Modular (P2 Ethernet) Version: All versions < V2.8.20
Siemens Nucleus NET Version: All versions < V5.2
Siemens Nucleus ReadyStart V3 Version: All versions < V2012.12
Siemens Nucleus Source Code Version: All versions
Siemens PLUSCONTROL 1st Gen Version: All versions
Siemens TALON TC Compact (BACnet) Version: All versions < V3.5.5
Siemens TALON TC Modular (BACnet) Version: All versions < V3.5.5
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T16:33:58.999Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-362164.pdf"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-344238.pdf"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-436469.pdf"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-180579.pdf"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "APOGEE PXC Compact (BACnet)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.5.5"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "APOGEE PXC Compact (P2 Ethernet)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.8.20"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "APOGEE PXC Modular (BACnet)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.5.5"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "APOGEE PXC Modular (P2 Ethernet)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.8.20"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "Nucleus NET",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V5.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "Nucleus ReadyStart V3",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2012.12"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "Nucleus Source Code",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "PLUSCONTROL 1st Gen",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "TALON TC Compact (BACnet)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.5.5"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "TALON TC Modular (BACnet)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.5.5"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in APOGEE PXC Compact (BACnet) (All versions \u003c V3.5.5), APOGEE PXC Compact (P2 Ethernet) (All versions \u003c V2.8.20), APOGEE PXC Modular (BACnet) (All versions \u003c V3.5.5), APOGEE PXC Modular (P2 Ethernet) (All versions \u003c V2.8.20), Nucleus NET (All versions \u003c V5.2), Nucleus ReadyStart V3 (All versions \u003c V2012.12), Nucleus Source Code (All versions), PLUSCONTROL 1st Gen (All versions), TALON TC Compact (BACnet) (All versions \u003c V3.5.5), TALON TC Modular (BACnet) (All versions \u003c V3.5.5). Initial Sequence Numbers (ISNs) for TCP connections are derived from an insufficiently random source. As a result, the ISN of current and future TCP connections could be predictable. An attacker could hijack existing sessions or spoof future ones."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L/E:P/RL:O/RC:C",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-342",
              "description": "CWE-342: Predictable Exact Value from Previous Values",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-08-08T09:20:06.562Z",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-362164.pdf"
        },
        {
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-344238.pdf"
        },
        {
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-436469.pdf"
        },
        {
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-180579.pdf"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2020-28388",
    "datePublished": "2021-02-09T00:00:00",
    "dateReserved": "2020-11-10T00:00:00",
    "dateUpdated": "2024-08-04T16:33:58.999Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-31345
Vulnerability from cvelistv5
Published
2021-11-09 11:31
Modified
2024-10-08 08:39
Summary
A vulnerability has been identified in Capital Embedded AR Classic 431-422 (All versions), Capital Embedded AR Classic R20-11 (All versions < V2303), PLUSCONTROL 1st Gen (All versions). The total length of an UDP payload (set in the IP header) is unchecked. This may lead to various side effects, including Information Leak and Denial-of-Service conditions, depending on a user-defined applications that runs on top of the UDP protocol. (FSMD-2021-0006)
Impacted products
Vendor Product Version
Siemens Capital Embedded AR Classic R20-11 Version: 0   < V2303
Siemens PLUSCONTROL 1st Gen Version: All versions
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T22:55:53.688Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-114589.pdf"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-620288.pdf"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-845392.pdf"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "Capital Embedded AR Classic 431-422",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "*",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "Capital Embedded AR Classic R20-11",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V2303",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "PLUSCONTROL 1st Gen",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in Capital Embedded AR Classic 431-422 (All versions), Capital Embedded AR Classic R20-11 (All versions \u003c V2303), PLUSCONTROL 1st Gen (All versions). The total length of an UDP payload (set in the IP header) is unchecked. This may lead to various side effects, including Information Leak and Denial-of-Service conditions, depending on a user-defined applications that runs on top of the UDP protocol. (FSMD-2021-0006)"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-1284",
              "description": "CWE-1284: Improper Validation of Specified Quantity in Input",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-10-08T08:39:42.181Z",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-114589.pdf"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-620288.pdf"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-845392.pdf"
        },
        {
          "url": "https://cert-portal.siemens.com/productcert/html/ssa-114589.html"
        },
        {
          "url": "https://cert-portal.siemens.com/productcert/html/ssa-044112.html"
        },
        {
          "url": "https://cert-portal.siemens.com/productcert/html/ssa-620288.html"
        },
        {
          "url": "https://cert-portal.siemens.com/productcert/html/ssa-845392.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2021-31345",
    "datePublished": "2021-11-09T11:31:52",
    "dateReserved": "2021-04-15T00:00:00",
    "dateUpdated": "2024-10-08T08:39:42.181Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-31344
Vulnerability from cvelistv5
Published
2021-11-09 11:31
Modified
2024-10-08 08:39
Summary
A vulnerability has been identified in Capital Embedded AR Classic 431-422 (All versions), Capital Embedded AR Classic R20-11 (All versions < V2303), PLUSCONTROL 1st Gen (All versions), SIMOTICS CONNECT 400 (All versions < V0.5.0.0), SIMOTICS CONNECT 400 (All versions < V1.0.0.0). ICMP echo packets with fake IP options allow sending ICMP echo reply messages to arbitrary hosts on the network. (FSMD-2021-0004)
Impacted products
Vendor Product Version
Siemens Capital Embedded AR Classic R20-11 Version: 0   < V2303
Siemens PLUSCONTROL 1st Gen Version: All versions
Siemens SIMOTICS CONNECT 400 Version: All versions < V0.5.0.0
Siemens SIMOTICS CONNECT 400 Version: All versions < V1.0.0.0
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T22:55:53.529Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-114589.pdf"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-620288.pdf"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-845392.pdf"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-223353.pdf"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "Capital Embedded AR Classic 431-422",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "*",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "Capital Embedded AR Classic R20-11",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V2303",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "PLUSCONTROL 1st Gen",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMOTICS CONNECT 400",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V0.5.0.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMOTICS CONNECT 400",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V1.0.0.0"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in Capital Embedded AR Classic 431-422 (All versions), Capital Embedded AR Classic R20-11 (All versions \u003c V2303), PLUSCONTROL 1st Gen (All versions), SIMOTICS CONNECT 400 (All versions \u003c V0.5.0.0), SIMOTICS CONNECT 400 (All versions \u003c V1.0.0.0). ICMP echo packets with fake IP options allow sending ICMP echo reply messages to arbitrary hosts on the network. (FSMD-2021-0004)"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          }
        },
        {
          "cvssV4_0": {
            "baseScore": 6.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
            "version": "4.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-843",
              "description": "CWE-843: Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-10-08T08:39:40.850Z",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-114589.pdf"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-620288.pdf"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-845392.pdf"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-223353.pdf"
        },
        {
          "url": "https://cert-portal.siemens.com/productcert/html/ssa-114589.html"
        },
        {
          "url": "https://cert-portal.siemens.com/productcert/html/ssa-044112.html"
        },
        {
          "url": "https://cert-portal.siemens.com/productcert/html/ssa-620288.html"
        },
        {
          "url": "https://cert-portal.siemens.com/productcert/html/ssa-845392.html"
        },
        {
          "url": "https://cert-portal.siemens.com/productcert/html/ssa-223353.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2021-31344",
    "datePublished": "2021-11-09T11:31:51",
    "dateReserved": "2021-04-15T00:00:00",
    "dateUpdated": "2024-10-08T08:39:40.850Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-31885
Vulnerability from cvelistv5
Published
2021-11-09 11:31
Modified
2024-08-03 23:10
Severity ?
Summary
A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC) (P2 Ethernet) (All versions), APOGEE MEC (PPC) (BACnet) (All versions), APOGEE MEC (PPC) (P2 Ethernet) (All versions), APOGEE PXC Compact (BACnet) (All versions < V3.5.4), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.19), APOGEE PXC Modular (BACnet) (All versions < V3.5.4), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.19), Desigo PXC00-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC00-U (All versions >= V2.3 and < V6.30.016), Desigo PXC001-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC100-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC12-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC128-U (All versions >= V2.3 and < V6.30.016), Desigo PXC200-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC22-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC22.1-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC36.1-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC50-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC64-U (All versions >= V2.3 and < V6.30.016), Desigo PXM20-E (All versions >= V2.3 and < V6.30.016), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.4), Nucleus ReadyStart V4 (All versions < V4.1.1), Nucleus Source Code (All versions), PLUSCONTROL 1st Gen (All versions), TALON TC Compact (BACnet) (All versions < V3.5.4), TALON TC Modular (BACnet) (All versions < V3.5.4). TFTP server application allows for reading the contents of the TFTP memory buffer via sending malformed TFTP commands. (FSMD-2021-0009)
Impacted products
Vendor Product Version
Siemens APOGEE MBC (PPC) (P2 Ethernet) Version: All versions
Siemens APOGEE MEC (PPC) (BACnet) Version: All versions
Siemens APOGEE MEC (PPC) (P2 Ethernet) Version: All versions
Siemens APOGEE PXC Compact (BACnet) Version: All versions < V3.5.4
Siemens APOGEE PXC Compact (P2 Ethernet) Version: All versions < V2.8.19
Siemens APOGEE PXC Modular (BACnet) Version: All versions < V3.5.4
Siemens APOGEE PXC Modular (P2 Ethernet) Version: All versions < V2.8.19
Siemens Desigo PXC00-E.D Version: All versions >= V2.3 and < V6.30.016
Siemens Desigo PXC00-U Version: All versions >= V2.3 and < V6.30.016
Siemens Desigo PXC001-E.D Version: All versions >= V2.3 and < V6.30.016
Siemens Desigo PXC100-E.D Version: All versions >= V2.3 and < V6.30.016
Siemens Desigo PXC12-E.D Version: All versions >= V2.3 and < V6.30.016
Siemens Desigo PXC128-U Version: All versions >= V2.3 and < V6.30.016
Siemens Desigo PXC200-E.D Version: All versions >= V2.3 and < V6.30.016
Siemens Desigo PXC22-E.D Version: All versions >= V2.3 and < V6.30.016
Siemens Desigo PXC22.1-E.D Version: All versions >= V2.3 and < V6.30.016
Siemens Desigo PXC36.1-E.D Version: All versions >= V2.3 and < V6.30.016
Siemens Desigo PXC50-E.D Version: All versions >= V2.3 and < V6.30.016
Siemens Desigo PXC64-U Version: All versions >= V2.3 and < V6.30.016
Siemens Desigo PXM20-E Version: All versions >= V2.3 and < V6.30.016
Siemens Nucleus NET Version: All versions
Siemens Nucleus ReadyStart V3 Version: All versions < V2017.02.4
Siemens Nucleus ReadyStart V4 Version: All versions < V4.1.1
Siemens Nucleus Source Code Version: All versions
Siemens PLUSCONTROL 1st Gen Version: All versions
Siemens TALON TC Compact (BACnet) Version: All versions < V3.5.4
Siemens TALON TC Modular (BACnet) Version: All versions < V3.5.4
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T23:10:30.607Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-114589.pdf"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-845392.pdf"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "APOGEE MBC (PPC) (BACnet)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "APOGEE MBC (PPC) (P2 Ethernet)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "APOGEE MEC (PPC) (BACnet)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "APOGEE MEC (PPC) (P2 Ethernet)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "APOGEE PXC Compact (BACnet)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.5.4"
            }
          ]
        },
        {
          "product": "APOGEE PXC Compact (P2 Ethernet)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.8.19"
            }
          ]
        },
        {
          "product": "APOGEE PXC Modular (BACnet)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.5.4"
            }
          ]
        },
        {
          "product": "APOGEE PXC Modular (P2 Ethernet)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.8.19"
            }
          ]
        },
        {
          "product": "Desigo PXC00-E.D",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003e= V2.3 and \u003c V6.30.016"
            }
          ]
        },
        {
          "product": "Desigo PXC00-U",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003e= V2.3 and \u003c V6.30.016"
            }
          ]
        },
        {
          "product": "Desigo PXC001-E.D",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003e= V2.3 and \u003c V6.30.016"
            }
          ]
        },
        {
          "product": "Desigo PXC100-E.D",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003e= V2.3 and \u003c V6.30.016"
            }
          ]
        },
        {
          "product": "Desigo PXC12-E.D",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003e= V2.3 and \u003c V6.30.016"
            }
          ]
        },
        {
          "product": "Desigo PXC128-U",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003e= V2.3 and \u003c V6.30.016"
            }
          ]
        },
        {
          "product": "Desigo PXC200-E.D",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003e= V2.3 and \u003c V6.30.016"
            }
          ]
        },
        {
          "product": "Desigo PXC22-E.D",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003e= V2.3 and \u003c V6.30.016"
            }
          ]
        },
        {
          "product": "Desigo PXC22.1-E.D",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003e= V2.3 and \u003c V6.30.016"
            }
          ]
        },
        {
          "product": "Desigo PXC36.1-E.D",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003e= V2.3 and \u003c V6.30.016"
            }
          ]
        },
        {
          "product": "Desigo PXC50-E.D",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003e= V2.3 and \u003c V6.30.016"
            }
          ]
        },
        {
          "product": "Desigo PXC64-U",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003e= V2.3 and \u003c V6.30.016"
            }
          ]
        },
        {
          "product": "Desigo PXM20-E",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003e= V2.3 and \u003c V6.30.016"
            }
          ]
        },
        {
          "product": "Nucleus NET",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "Nucleus ReadyStart V3",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2017.02.4"
            }
          ]
        },
        {
          "product": "Nucleus ReadyStart V4",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.1"
            }
          ]
        },
        {
          "product": "Nucleus Source Code",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "PLUSCONTROL 1st Gen",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "TALON TC Compact (BACnet)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.5.4"
            }
          ]
        },
        {
          "product": "TALON TC Modular (BACnet)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.5.4"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC) (P2 Ethernet) (All versions), APOGEE MEC (PPC) (BACnet) (All versions), APOGEE MEC (PPC) (P2 Ethernet) (All versions), APOGEE PXC Compact (BACnet) (All versions \u003c V3.5.4), APOGEE PXC Compact (P2 Ethernet) (All versions \u003c V2.8.19), APOGEE PXC Modular (BACnet) (All versions \u003c V3.5.4), APOGEE PXC Modular (P2 Ethernet) (All versions \u003c V2.8.19), Desigo PXC00-E.D (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC00-U (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC001-E.D (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC100-E.D (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC12-E.D (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC128-U (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC200-E.D (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC22-E.D (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC22.1-E.D (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC36.1-E.D (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC50-E.D (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC64-U (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXM20-E (All versions \u003e= V2.3 and \u003c V6.30.016), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions \u003c V2017.02.4), Nucleus ReadyStart V4 (All versions \u003c V4.1.1), Nucleus Source Code (All versions), PLUSCONTROL 1st Gen (All versions), TALON TC Compact (BACnet) (All versions \u003c V3.5.4), TALON TC Modular (BACnet) (All versions \u003c V3.5.4). TFTP server application allows for reading the contents of the TFTP memory buffer via sending malformed TFTP commands. (FSMD-2021-0009)"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-805",
              "description": "CWE-805: Buffer Access with Incorrect Length Value",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-05-10T09:46:34",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-114589.pdf"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-845392.pdf"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "productcert@siemens.com",
          "ID": "CVE-2021-31885",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "APOGEE MBC (PPC) (BACnet)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "APOGEE MBC (PPC) (P2 Ethernet)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "APOGEE MEC (PPC) (BACnet)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "APOGEE MEC (PPC) (P2 Ethernet)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "APOGEE PXC Compact (BACnet)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V3.5.4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "APOGEE PXC Compact (P2 Ethernet)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V2.8.19"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "APOGEE PXC Modular (BACnet)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V3.5.4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "APOGEE PXC Modular (P2 Ethernet)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V2.8.19"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Desigo PXC00-E.D",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003e= V2.3 and \u003c V6.30.016"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Desigo PXC00-U",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003e= V2.3 and \u003c V6.30.016"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Desigo PXC001-E.D",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003e= V2.3 and \u003c V6.30.016"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Desigo PXC100-E.D",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003e= V2.3 and \u003c V6.30.016"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Desigo PXC12-E.D",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003e= V2.3 and \u003c V6.30.016"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Desigo PXC128-U",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003e= V2.3 and \u003c V6.30.016"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Desigo PXC200-E.D",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003e= V2.3 and \u003c V6.30.016"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Desigo PXC22-E.D",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003e= V2.3 and \u003c V6.30.016"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Desigo PXC22.1-E.D",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003e= V2.3 and \u003c V6.30.016"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Desigo PXC36.1-E.D",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003e= V2.3 and \u003c V6.30.016"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Desigo PXC50-E.D",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003e= V2.3 and \u003c V6.30.016"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Desigo PXC64-U",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003e= V2.3 and \u003c V6.30.016"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Desigo PXM20-E",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003e= V2.3 and \u003c V6.30.016"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Nucleus NET",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Nucleus ReadyStart V3",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V2017.02.4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Nucleus ReadyStart V4",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V4.1.1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Nucleus Source Code",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "PLUSCONTROL 1st Gen",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "TALON TC Compact (BACnet)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V3.5.4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "TALON TC Modular (BACnet)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V3.5.4"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Siemens"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC) (P2 Ethernet) (All versions), APOGEE MEC (PPC) (BACnet) (All versions), APOGEE MEC (PPC) (P2 Ethernet) (All versions), APOGEE PXC Compact (BACnet) (All versions \u003c V3.5.4), APOGEE PXC Compact (P2 Ethernet) (All versions \u003c V2.8.19), APOGEE PXC Modular (BACnet) (All versions \u003c V3.5.4), APOGEE PXC Modular (P2 Ethernet) (All versions \u003c V2.8.19), Desigo PXC00-E.D (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC00-U (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC001-E.D (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC100-E.D (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC12-E.D (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC128-U (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC200-E.D (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC22-E.D (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC22.1-E.D (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC36.1-E.D (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC50-E.D (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXC64-U (All versions \u003e= V2.3 and \u003c V6.30.016), Desigo PXM20-E (All versions \u003e= V2.3 and \u003c V6.30.016), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions \u003c V2017.02.4), Nucleus ReadyStart V4 (All versions \u003c V4.1.1), Nucleus Source Code (All versions), PLUSCONTROL 1st Gen (All versions), TALON TC Compact (BACnet) (All versions \u003c V3.5.4), TALON TC Modular (BACnet) (All versions \u003c V3.5.4). TFTP server application allows for reading the contents of the TFTP memory buffer via sending malformed TFTP commands. (FSMD-2021-0009)"
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-805: Buffer Access with Incorrect Length Value"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-114589.pdf",
              "refsource": "MISC",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-114589.pdf"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf",
              "refsource": "MISC",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-845392.pdf",
              "refsource": "MISC",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-845392.pdf"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2021-31885",
    "datePublished": "2021-11-09T11:31:58",
    "dateReserved": "2021-04-29T00:00:00",
    "dateUpdated": "2024-08-03T23:10:30.607Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

var-202102-1448
Vulnerability from variot

A vulnerability has been identified in APOGEE PXC Compact (BACnet) (All versions < V3.5.5), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.20), APOGEE PXC Modular (BACnet) (All versions < V3.5.5), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.20), Nucleus NET (All versions < V5.2), Nucleus ReadyStart V3 (All versions < V2012.12), Nucleus Source Code (All versions), PLUSCONTROL 1st Gen (All versions), TALON TC Compact (BACnet) (All versions < V3.5.5), TALON TC Modular (BACnet) (All versions < V3.5.5). Initial Sequence Numbers (ISNs) for TCP connections are derived from an insufficiently random source. As a result, the ISN of current and future TCP connections could be predictable. An attacker could hijack existing sessions or spoof future ones. Nucleus NET , Nucleus ReadyStart , PLUSCONTROL 1st Gen Exists in unspecified vulnerabilities.Information may be tampered with. The Nucleus NET module contains a series of standard-compliant network and communication protocols, drivers and utilities to provide full-featured network support in any embedded device.

Siemens Nucleus NET has security vulnerabilities

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-202102-1448",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "nucleus net",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "5.2"
      },
      {
        "model": "nucleus source code",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "nucleus readystart",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2012.12"
      },
      {
        "model": "capital vstar",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "pluscontrol 1st gen",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "nucleus readystart",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "nucleus net",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "nucleus net",
        "scope": "lt",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v5.2"
      },
      {
        "model": "nucleus readystart for arm,mips,and ppc",
        "scope": "lt",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v2012.12"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-11834"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-015980"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-28388"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "and Amine Amri of Forescout Research Labs reported these vulnerabilities to CISA., Stanislav Dashevskyi,Daniel dos Santos, Jos Wetzels",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202102-881"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2020-28388",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "CVE-2020-28388",
            "impactScore": 2.9,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 1.9,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2021-11834",
            "impactScore": 2.9,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 3.9,
            "id": "CVE-2020-28388",
            "impactScore": 1.4,
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "productcert@siemens.com",
            "availabilityImpact": "LOW",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 3.9,
            "id": "CVE-2020-28388",
            "impactScore": 2.5,
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
            "version": "3.1"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Network",
            "author": "NVD",
            "availabilityImpact": "None",
            "baseScore": 5.3,
            "baseSeverity": "Medium",
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "CVE-2020-28388",
            "impactScore": null,
            "integrityImpact": "Low",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2020-28388",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "productcert@siemens.com",
            "id": "CVE-2020-28388",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "NVD",
            "id": "CVE-2020-28388",
            "trust": 0.8,
            "value": "Medium"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2021-11834",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-202102-881",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "VULMON",
            "id": "CVE-2020-28388",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-11834"
      },
      {
        "db": "VULMON",
        "id": "CVE-2020-28388"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-015980"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202102-881"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-28388"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-28388"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "A vulnerability has been identified in APOGEE PXC Compact (BACnet) (All versions \u003c V3.5.5), APOGEE PXC Compact (P2 Ethernet) (All versions \u003c V2.8.20), APOGEE PXC Modular (BACnet) (All versions \u003c V3.5.5), APOGEE PXC Modular (P2 Ethernet) (All versions \u003c V2.8.20), Nucleus NET (All versions \u003c V5.2), Nucleus ReadyStart V3 (All versions \u003c V2012.12), Nucleus Source Code (All versions), PLUSCONTROL 1st Gen (All versions), TALON TC Compact (BACnet) (All versions \u003c V3.5.5), TALON TC Modular (BACnet) (All versions \u003c V3.5.5). Initial Sequence Numbers (ISNs) for TCP connections are derived from an insufficiently random source. As a result, the ISN of current and future TCP connections could be predictable. An attacker could hijack existing sessions or spoof future ones. Nucleus NET , Nucleus ReadyStart , PLUSCONTROL 1st Gen Exists in unspecified vulnerabilities.Information may be tampered with. The Nucleus NET module contains a series of standard-compliant network and communication protocols, drivers and utilities to provide full-featured network support in any embedded device. \n\r\n\r\nSiemens Nucleus NET has security vulnerabilities",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2020-28388"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-015980"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2021-11834"
      },
      {
        "db": "VULMON",
        "id": "CVE-2020-28388"
      }
    ],
    "trust": 2.25
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2020-28388",
        "trust": 3.9
      },
      {
        "db": "SIEMENS",
        "id": "SSA-362164",
        "trust": 2.3
      },
      {
        "db": "SIEMENS",
        "id": "SSA-436469",
        "trust": 1.7
      },
      {
        "db": "SIEMENS",
        "id": "SSA-344238",
        "trust": 1.7
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-21-068-08",
        "trust": 1.4
      },
      {
        "db": "SIEMENS",
        "id": "SSA-180579",
        "trust": 1.0
      },
      {
        "db": "JVN",
        "id": "JVNVU91083521",
        "trust": 0.8
      },
      {
        "db": "JVN",
        "id": "JVNVU90767599",
        "trust": 0.8
      },
      {
        "db": "JVN",
        "id": "JVNVU91561630",
        "trust": 0.8
      },
      {
        "db": "JVN",
        "id": "JVNVU93441670",
        "trust": 0.8
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-22-349-14",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-015980",
        "trust": 0.8
      },
      {
        "db": "CNVD",
        "id": "CNVD-2021-11834",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2021.0853",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2021.0538",
        "trust": 0.6
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-21-042-01",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202102-881",
        "trust": 0.6
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-22-349-10",
        "trust": 0.1
      },
      {
        "db": "VULMON",
        "id": "CVE-2020-28388",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-11834"
      },
      {
        "db": "VULMON",
        "id": "CVE-2020-28388"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-015980"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202102-881"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-28388"
      }
    ]
  },
  "id": "VAR-202102-1448",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-11834"
      }
    ],
    "trust": 0.9393398399999999
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-11834"
      }
    ]
  },
  "last_update_date": "2024-11-23T20:57:34.216000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "SSA-362164 Siemens\u00a0Security\u00a0Advisory",
        "trust": 0.8,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-362164.pdf"
      },
      {
        "title": "Patch for Siemens Nucleus NET predictable initial sequence vulnerability",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/248776"
      },
      {
        "title": "Multiple  Nucleus product Security vulnerabilities",
        "trust": 0.6,
        "url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=141302"
      },
      {
        "title": "Siemens Security Advisories: Siemens Security Advisory",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=864fdb86041bc2144f114e7ec91e8aa5"
      },
      {
        "title": "Siemens Security Advisories: Siemens Security Advisory",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=ec5d325ed2cb9493722dc92d15dd7d3b"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-11834"
      },
      {
        "db": "VULMON",
        "id": "CVE-2020-28388"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-015980"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202102-881"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "NVD-CWE-Other",
        "trust": 1.0
      },
      {
        "problemtype": "CWE-342",
        "trust": 1.0
      },
      {
        "problemtype": "others (CWE-Other) [NVD evaluation ]",
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-015980"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-28388"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.3,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-362164.pdf"
      },
      {
        "trust": 1.7,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-344238.pdf"
      },
      {
        "trust": 1.7,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-436469.pdf"
      },
      {
        "trust": 1.0,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-180579.pdf"
      },
      {
        "trust": 0.8,
        "url": "http://jvn.jp/vu/jvnvu91083521"
      },
      {
        "trust": 0.8,
        "url": "http://jvn.jp/vu/jvnvu93441670"
      },
      {
        "trust": 0.8,
        "url": "https://jvn.jp/vu/jvnvu90767599"
      },
      {
        "trust": 0.8,
        "url": "https://jvn.jp/vu/jvnvu91561630/"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2020-28388"
      },
      {
        "trust": 0.8,
        "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-349-14"
      },
      {
        "trust": 0.8,
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-21-068-08"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2021.0853"
      },
      {
        "trust": 0.6,
        "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-068-08"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2021.0538"
      },
      {
        "trust": 0.6,
        "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-042-01"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/342.html"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      },
      {
        "trust": 0.1,
        "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-349-10"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-11834"
      },
      {
        "db": "VULMON",
        "id": "CVE-2020-28388"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-015980"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202102-881"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-28388"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-11834"
      },
      {
        "db": "VULMON",
        "id": "CVE-2020-28388"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-015980"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202102-881"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-28388"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2021-02-22T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2021-11834"
      },
      {
        "date": "2021-02-09T00:00:00",
        "db": "VULMON",
        "id": "CVE-2020-28388"
      },
      {
        "date": "2021-10-29T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2020-015980"
      },
      {
        "date": "2021-02-09T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202102-881"
      },
      {
        "date": "2021-02-09T18:15:34.590000",
        "db": "NVD",
        "id": "CVE-2020-28388"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2021-04-12T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2021-11834"
      },
      {
        "date": "2022-12-13T00:00:00",
        "db": "VULMON",
        "id": "CVE-2020-28388"
      },
      {
        "date": "2024-09-12T07:14:00",
        "db": "JVNDB",
        "id": "JVNDB-2020-015980"
      },
      {
        "date": "2022-12-14T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202102-881"
      },
      {
        "date": "2024-11-21T05:22:42.130000",
        "db": "NVD",
        "id": "CVE-2020-28388"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202102-881"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Vulnerabilities in multiple Siemens products",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-015980"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "other",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202102-881"
      }
    ],
    "trust": 0.6
  }
}