Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2020-35684 (GCVE-0-2020-35684)
Vulnerability from cvelistv5
Published
2021-08-19 11:19
Modified
2024-08-04 17:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
An issue was discovered in HCC Nichestack 3.0. The code that parses TCP packets relies on an unchecked value of the IP payload size (extracted from the IP header) to compute the length of the TCP payload within the TCP checksum computation function. When the IP payload size is set to be smaller than the size of the IP header, the TCP checksum computation function may read out of bounds (a low-impact write-out-of-bounds is also possible).
References
| URL | Tags | ||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T17:09:14.969Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.hcc-embedded.com"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-789208.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.forescout.com/blog/new-critical-operational-technology-vulnerabilities-found-on-nichestack/"
},
{
"name": "VU#608209",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "https://www.kb.cert.org/vuls/id/608209"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in HCC Nichestack 3.0. The code that parses TCP packets relies on an unchecked value of the IP payload size (extracted from the IP header) to compute the length of the TCP payload within the TCP checksum computation function. When the IP payload size is set to be smaller than the size of the IP header, the TCP checksum computation function may read out of bounds (a low-impact write-out-of-bounds is also possible)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-19T11:19:27",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.hcc-embedded.com"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-789208.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.forescout.com/blog/new-critical-operational-technology-vulnerabilities-found-on-nichestack/"
},
{
"name": "VU#608209",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "https://www.kb.cert.org/vuls/id/608209"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-35684",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in HCC Nichestack 3.0. The code that parses TCP packets relies on an unchecked value of the IP payload size (extracted from the IP header) to compute the length of the TCP payload within the TCP checksum computation function. When the IP payload size is set to be smaller than the size of the IP header, the TCP checksum computation function may read out of bounds (a low-impact write-out-of-bounds is also possible)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.hcc-embedded.com",
"refsource": "MISC",
"url": "https://www.hcc-embedded.com"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-789208.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-789208.pdf"
},
{
"name": "https://www.forescout.com/blog/new-critical-operational-technology-vulnerabilities-found-on-nichestack/",
"refsource": "MISC",
"url": "https://www.forescout.com/blog/new-critical-operational-technology-vulnerabilities-found-on-nichestack/"
},
{
"name": "VU#608209",
"refsource": "CERT-VN",
"url": "https://www.kb.cert.org/vuls/id/608209"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-35684",
"datePublished": "2021-08-19T11:19:01",
"dateReserved": "2020-12-24T00:00:00",
"dateUpdated": "2024-08-04T17:09:14.969Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2020-35684\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2021-08-19T12:15:08.020\",\"lastModified\":\"2024-11-21T05:27:50.820\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"An issue was discovered in HCC Nichestack 3.0. The code that parses TCP packets relies on an unchecked value of the IP payload size (extracted from the IP header) to compute the length of the TCP payload within the TCP checksum computation function. When the IP payload size is set to be smaller than the size of the IP header, the TCP checksum computation function may read out of bounds (a low-impact write-out-of-bounds is also possible).\"},{\"lang\":\"es\",\"value\":\"Se ha detectado un problema en HCC Nichestack versi\u00f3n 3.0. El c\u00f3digo que analiza los paquetes TCP se basa en un valor no comprobado del tama\u00f1o de la carga \u00fatil IP (extra\u00eddo del encabezado IP) para calcular la longitud de la carga \u00fatil TCP dentro de la funci\u00f3n de c\u00e1lculo de la suma de comprobaci\u00f3n TCP. Cuando el tama\u00f1o de la carga \u00fatil IP est\u00e1 configurado para ser menor que el tama\u00f1o del encabezado IP, la funci\u00f3n de c\u00e1lculo de la suma de comprobaci\u00f3n TCP puede leer fuera de l\u00edmites (tambi\u00e9n es posible una escritura fuera de l\u00edmites de bajo impacto).\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:P\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-20\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hcc-embedded:nichestack:3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"22916BA2-C530-46C0-9C4E-1C0342C9089E\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:sentron_3wl_com35_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.2.0\",\"matchCriteriaId\":\"438332F0-E222-48FB-BA95-0A79EAC9E448\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:sentron_3wl_com35:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AF6988F4-8734-4B27-AD0B-B91F25654F9A\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:sentron_3wa_com190_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.0.0\",\"matchCriteriaId\":\"B62056DC-DF99-4118-9B22-45E51980CD7F\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:sentron_3wa_com190:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"797EAA6F-5E8C-4855-87ED-CE4D76D02571\"}]}]}],\"references\":[{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-789208.pdf\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mitigation\",\"Third Party Advisory\"]},{\"url\":\"https://www.forescout.com/blog/new-critical-operational-technology-vulnerabilities-found-on-nichestack/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mitigation\",\"Third Party Advisory\"]},{\"url\":\"https://www.hcc-embedded.com\",\"source\":\"cve@mitre.org\",\"tags\":[\"Product\"]},{\"url\":\"https://www.kb.cert.org/vuls/id/608209\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-789208.pdf\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mitigation\",\"Third Party Advisory\"]},{\"url\":\"https://www.forescout.com/blog/new-critical-operational-technology-vulnerabilities-found-on-nichestack/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mitigation\",\"Third Party Advisory\"]},{\"url\":\"https://www.hcc-embedded.com\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Product\"]},{\"url\":\"https://www.kb.cert.org/vuls/id/608209\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]}]}}"
}
}
var-202108-0212
Vulnerability from variot
An issue was discovered in HCC Nichestack 3.0. The code that parses TCP packets relies on an unchecked value of the IP payload size (extracted from the IP header) to compute the length of the TCP payload within the TCP checksum computation function. When the IP payload size is set to be smaller than the size of the IP header, the TCP checksum computation function may read out of bounds (a low-impact write-out-of-bounds is also possible). HCC Embedded's software called InterNiche stack (NicheStack) and NicheLite, which provides TCP/IP networking capability to embedded systems, is impacted by multiple vulnerabilities. The Forescout and JFrog researchers who discovered this set of vulnerabilities have identified these as "INFRA:HALT"CVE-2020-25767 Affected Vendor Statement: This issue is present in all versions of Nichestack prior to 4.3. The global version number for Nichestack is now frozen at 4.3 and we now maintain version numbers for each module. The issue is present in the in_common module version 1.15.
A fix for this will be available from HCC on 2021-02-19 CVE-2020-25926 Affected Vendor Statement: This issue is present in all versions of Nichestack prior to 4.3. The global version number for Nichestack is now frozen at 4.3 and we now maintain version numbers for each module. The issue is present in the in_common module version 1.15.
A fix for this will be available from HCC on 2021-03-02 CVE-2020-25927 Affected Vendor Statement: This issue is present in all versions of Nichestack prior to 4.3. The global version number for Nichestack is now frozen at 4.3 and we now maintain version numbers for each module. The issue is present in the in_common module version 1.15.
A fix for this will be available from HCC on 2021-02-19 CVE-2020-25928 Affected Vendor Statement: This issue is present in all versions of Nichestack prior to 4.3. The global version number for Nichestack is now frozen at 4.3 and we now maintain version numbers for each module. The issue is present in the in_common module version 1.15.
A fix for this will be available from HCC on 2021-02-19 CVE-2020-35683 Affected Vendor Statement: This issue is present in all versions of Nichestack prior to 4.3. The global version number for Nichestack is now frozen at 4.3 and we now maintain version numbers for each module. The issue is present in the in_ipv4 module version 1.5.
A fix for this will be available from HCC on 2021-03-02 CVE-2020-35684 Affected Vendor Statement: This issue is present in all versions of Nichestack prior to 4.3. The global version number for Nichestack is now frozen at 4.3 and we now maintain version numbers for each module. The issue is present in the in_tcp module version 1.9.
A fix for this will be available from HCC on 2021-03-16 CVE-2020-35685 Affected Vendor Statement: This issue is present in all versions of Nichestack prior to 4.3. The global version number for Nichestack is now frozen at 4.3 and we now maintain version numbers for each module. The issue is present in the in_tcp module version 1.9.
A fix for this will be available from HCC on 2021-03-16 CVE-2021-27565 Affected Vendor Statement: The infinite loop entered in case this occurs is really for the user to implement when integrating the software. But whatever their implementation this code should not be structured like this. CVE-2021-31226 Affected Vendor Statement: This is an issue in all versions of Nichestack <4.3, This issue is fixed in Nichestack v4.3 with in_httpsvr module v1.7. CVE-2021-31227 Affected Vendor Statement: This is an issue in all versions of Nichestack <4.3, This issue is fixed in Nichestack v4.3 with in_httpsvr module v1.7. CVE-2021-31228 Affected Vendor Statement: This is an issue in all versions of Nichestack <4.3, This issue is fixed in Nichestack v4.3 with in_httpsvr module v1.7. CVE-2021-31400 Affected Vendor Statement: This issue is present in all versions of Nichestack prior to 4.3. The global version number for Nichestack is now frozen at 4.3 and we now maintain version numbers for each module. The issue is present in the in_tcp module version 1.9.
A fix for this will be available from HCC on 2021-02-26 CVE-2021-31401 Affected Vendor Statement: This issue is present in all versions of Nichestack prior to 4.3. The global version number for Nichestack is now frozen at 4.3 and we now maintain version numbers for each module. The issue is present in the in_tcp module version 1.9.
A fix for this will be available from HCC on 2021-03-16 CVE-2021-36762 Unknown Vendor Statement: This issue is present in all versions of Nichestack prior to 4.3. The global version number for Nichestack is now frozen at 4.3 and we now maintain version numbers for each module. The issue is fixed in in_tftp module version 1.2CVE-2020-25767 Affected Vendor Statement: This issue is present in all versions of Nichestack prior to 4.3. The global version number for Nichestack is now frozen at 4.3 and we now maintain version numbers for each module. The issue is present in the in_common module version 1.15.
A fix for this will be available from HCC on 2021-02-19 CVE-2020-25926 Affected Vendor Statement: This issue is present in all versions of Nichestack prior to 4.3. The global version number for Nichestack is now frozen at 4.3 and we now maintain version numbers for each module. The issue is present in the in_common module version 1.15.
A fix for this will be available from HCC on 2021-03-02 CVE-2020-25927 Affected Vendor Statement: This issue is present in all versions of Nichestack prior to 4.3. The global version number for Nichestack is now frozen at 4.3 and we now maintain version numbers for each module. The issue is present in the in_common module version 1.15.
A fix for this will be available from HCC on 2021-02-19 CVE-2020-25928 Affected Vendor Statement: This issue is present in all versions of Nichestack prior to 4.3. The global version number for Nichestack is now frozen at 4.3 and we now maintain version numbers for each module. The issue is present in the in_common module version 1.15.
A fix for this will be available from HCC on 2021-02-19 CVE-2020-35683 Affected Vendor Statement: This issue is present in all versions of Nichestack prior to 4.3. The global version number for Nichestack is now frozen at 4.3 and we now maintain version numbers for each module. The issue is present in the in_ipv4 module version 1.5.
A fix for this will be available from HCC on 2021-03-02 CVE-2020-35684 Affected Vendor Statement: This issue is present in all versions of Nichestack prior to 4.3. The global version number for Nichestack is now frozen at 4.3 and we now maintain version numbers for each module. The issue is present in the in_tcp module version 1.9.
A fix for this will be available from HCC on 2021-03-16 CVE-2020-35685 Affected Vendor Statement: This issue is present in all versions of Nichestack prior to 4.3. The global version number for Nichestack is now frozen at 4.3 and we now maintain version numbers for each module. The issue is present in the in_tcp module version 1.9.
A fix for this will be available from HCC on 2021-03-16 CVE-2021-27565 Affected Vendor Statement: The infinite loop entered in case this occurs is really for the user to implement when integrating the software. But whatever their implementation this code should not be structured like this. CVE-2021-31226 Affected Vendor Statement: This is an issue in all versions of Nichestack <4.3, This issue is fixed in Nichestack v4.3 with in_httpsvr module v1.7. CVE-2021-31227 Affected Vendor Statement: This is an issue in all versions of Nichestack <4.3, This issue is fixed in Nichestack v4.3 with in_httpsvr module v1.7. CVE-2021-31228 Affected Vendor Statement: This is an issue in all versions of Nichestack <4.3, This issue is fixed in Nichestack v4.3 with in_httpsvr module v1.7. CVE-2021-31400 Affected Vendor Statement: This issue is present in all versions of Nichestack prior to 4.3. The global version number for Nichestack is now frozen at 4.3 and we now maintain version numbers for each module. The issue is present in the in_tcp module version 1.9.
A fix for this will be available from HCC on 2021-02-26 CVE-2021-31401 Affected Vendor Statement: This issue is present in all versions of Nichestack prior to 4.3. The global version number for Nichestack is now frozen at 4.3 and we now maintain version numbers for each module. The issue is present in the in_tcp module version 1.9.
A fix for this will be available from HCC on 2021-03-16 CVE-2021-36762 Unknown Vendor Statement: This issue is present in all versions of Nichestack prior to 4.3. The global version number for Nichestack is now frozen at 4.3 and we now maintain version numbers for each module. The issue is fixed in in_tftp module version 1.2.
InterNiche Technologies NicheStack has an input validation error vulnerability, which exists due to insufficient input validation provided by users in the TCP component. A remote attacker can use this vulnerability to pass specially crafted input to the application and perform a denial of service (DoS) attack. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements. Siemens Security Advisory
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202108-0212",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "sentron 3wl com35",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "1.2.0"
},
{
"model": "nichestack",
"scope": "eq",
"trust": 1.0,
"vendor": "hcc embedded",
"version": "3.0"
},
{
"model": "sentron 3wa com190",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.0.0"
},
{
"model": "embedded interniche stack",
"scope": "lt",
"trust": 0.6,
"vendor": "hcc",
"version": "v4.3"
},
{
"model": "embedded nichelite",
"scope": "lt",
"trust": 0.6,
"vendor": "hcc",
"version": "v4.3"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-58800"
},
{
"db": "NVD",
"id": "CVE-2020-35684"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "This document was written by Vijay Sarvepalli.Statement Date:\u00a0\u00a0 July 20, 2021",
"sources": [
{
"db": "CERT/CC",
"id": "VU#608209"
}
],
"trust": 0.8
},
"cve": "CVE-2020-35684",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2020-35684",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2021-58800",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2020-35684",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2020-35684",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2021-58800",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-202104-975",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202108-416",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-58800"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"db": "CNNVD",
"id": "CNNVD-202108-416"
},
{
"db": "NVD",
"id": "CVE-2020-35684"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An issue was discovered in HCC Nichestack 3.0. The code that parses TCP packets relies on an unchecked value of the IP payload size (extracted from the IP header) to compute the length of the TCP payload within the TCP checksum computation function. When the IP payload size is set to be smaller than the size of the IP header, the TCP checksum computation function may read out of bounds (a low-impact write-out-of-bounds is also possible). HCC Embedded\u0027s software called InterNiche stack (NicheStack) and NicheLite, which provides TCP/IP networking capability to embedded systems, is impacted by multiple vulnerabilities. The Forescout and JFrog researchers who discovered this set of vulnerabilities have identified these as \"INFRA:HALT\"CVE-2020-25767 Affected\nVendor Statement:\nThis issue is present in all versions of Nichestack prior to 4.3. \r\nThe global version number for Nichestack is now frozen at 4.3 and we now maintain version numbers for each module. \r\nThe issue is present in the in_common module version 1.15. \r\n\r\nA fix for this will be available from HCC on 2021-02-19\nCVE-2020-25926 Affected\nVendor Statement:\nThis issue is present in all versions of Nichestack prior to 4.3. \r\nThe global version number for Nichestack is now frozen at 4.3 and we now maintain version numbers for each module. \r\nThe issue is present in the in_common module version 1.15. \r\n\r\nA fix for this will be available from HCC on 2021-03-02\nCVE-2020-25927 Affected\nVendor Statement:\nThis issue is present in all versions of Nichestack prior to 4.3. \r\nThe global version number for Nichestack is now frozen at 4.3 and we now maintain version numbers for each module. \r\nThe issue is present in the in_common module version 1.15. \r\n\r\nA fix for this will be available from HCC on 2021-02-19\nCVE-2020-25928 Affected\nVendor Statement:\nThis issue is present in all versions of Nichestack prior to 4.3. \r\nThe global version number for Nichestack is now frozen at 4.3 and we now maintain version numbers for each module. \r\nThe issue is present in the in_common module version 1.15. \r\n\r\nA fix for this will be available from HCC on 2021-02-19\nCVE-2020-35683 Affected\nVendor Statement:\nThis issue is present in all versions of Nichestack prior to 4.3. \r\nThe global version number for Nichestack is now frozen at 4.3 and we now maintain version numbers for each module. \r\nThe issue is present in the in_ipv4 module version 1.5. \r\n\r\nA fix for this will be available from HCC on 2021-03-02\nCVE-2020-35684 Affected\nVendor Statement:\nThis issue is present in all versions of Nichestack prior to 4.3. \r\nThe global version number for Nichestack is now frozen at 4.3 and we now maintain version numbers for each module. \r\nThe issue is present in the in_tcp module version 1.9. \r\n\r\nA fix for this will be available from HCC on 2021-03-16\nCVE-2020-35685 Affected\nVendor Statement:\nThis issue is present in all versions of Nichestack prior to 4.3. \r\nThe global version number for Nichestack is now frozen at 4.3 and we now maintain version numbers for each module. \r\nThe issue is present in the in_tcp module version 1.9. \r\n\r\nA fix for this will be available from HCC on 2021-03-16\nCVE-2021-27565 Affected\nVendor Statement:\nThe infinite loop entered in case this occurs is really for the user to implement when integrating the software. But whatever their implementation this code should not be structured like this. \nCVE-2021-31226 Affected\nVendor Statement:\nThis is an issue in all versions of Nichestack \u003c4.3,\r\nThis issue is fixed in Nichestack v4.3 with in_httpsvr module v1.7. \nCVE-2021-31227 Affected\nVendor Statement:\nThis is an issue in all versions of Nichestack \u003c4.3,\r\nThis issue is fixed in Nichestack v4.3 with in_httpsvr module v1.7. \nCVE-2021-31228 Affected\nVendor Statement:\nThis is an issue in all versions of Nichestack \u003c4.3,\r\nThis issue is fixed in Nichestack v4.3 with in_httpsvr module v1.7. \nCVE-2021-31400 Affected\nVendor Statement:\nThis issue is present in all versions of Nichestack prior to 4.3. \r\nThe global version number for Nichestack is now frozen at 4.3 and we now maintain version numbers for each module. \r\nThe issue is present in the in_tcp module version 1.9. \r\n\r\nA fix for this will be available from HCC on 2021-02-26\nCVE-2021-31401 Affected\nVendor Statement:\nThis issue is present in all versions of Nichestack prior to 4.3. \r\nThe global version number for Nichestack is now frozen at 4.3 and we now maintain version numbers for each module. \r\nThe issue is present in the in_tcp module version 1.9. \r\n\r\nA fix for this will be available from HCC on 2021-03-16\nCVE-2021-36762 Unknown\nVendor Statement:\nThis issue is present in all versions of Nichestack prior to 4.3. \r\nThe global version number for Nichestack is now frozen at 4.3 and we now maintain version numbers for each module. \r\nThe issue is fixed in in_tftp module version 1.2CVE-2020-25767 Affected\nVendor Statement:\nThis issue is present in all versions of Nichestack prior to 4.3. \r\nThe global version number for Nichestack is now frozen at 4.3 and we now maintain version numbers for each module. \r\nThe issue is present in the in_common module version 1.15. \r\n\r\nA fix for this will be available from HCC on 2021-02-19\nCVE-2020-25926 Affected\nVendor Statement:\nThis issue is present in all versions of Nichestack prior to 4.3. \r\nThe global version number for Nichestack is now frozen at 4.3 and we now maintain version numbers for each module. \r\nThe issue is present in the in_common module version 1.15. \r\n\r\nA fix for this will be available from HCC on 2021-03-02\nCVE-2020-25927 Affected\nVendor Statement:\nThis issue is present in all versions of Nichestack prior to 4.3. \r\nThe global version number for Nichestack is now frozen at 4.3 and we now maintain version numbers for each module. \r\nThe issue is present in the in_common module version 1.15. \r\n\r\nA fix for this will be available from HCC on 2021-02-19\nCVE-2020-25928 Affected\nVendor Statement:\nThis issue is present in all versions of Nichestack prior to 4.3. \r\nThe global version number for Nichestack is now frozen at 4.3 and we now maintain version numbers for each module. \r\nThe issue is present in the in_common module version 1.15. \r\n\r\nA fix for this will be available from HCC on 2021-02-19\nCVE-2020-35683 Affected\nVendor Statement:\nThis issue is present in all versions of Nichestack prior to 4.3. \r\nThe global version number for Nichestack is now frozen at 4.3 and we now maintain version numbers for each module. \r\nThe issue is present in the in_ipv4 module version 1.5. \r\n\r\nA fix for this will be available from HCC on 2021-03-02\nCVE-2020-35684 Affected\nVendor Statement:\nThis issue is present in all versions of Nichestack prior to 4.3. \r\nThe global version number for Nichestack is now frozen at 4.3 and we now maintain version numbers for each module. \r\nThe issue is present in the in_tcp module version 1.9. \r\n\r\nA fix for this will be available from HCC on 2021-03-16\nCVE-2020-35685 Affected\nVendor Statement:\nThis issue is present in all versions of Nichestack prior to 4.3. \r\nThe global version number for Nichestack is now frozen at 4.3 and we now maintain version numbers for each module. \r\nThe issue is present in the in_tcp module version 1.9. \r\n\r\nA fix for this will be available from HCC on 2021-03-16\nCVE-2021-27565 Affected\nVendor Statement:\nThe infinite loop entered in case this occurs is really for the user to implement when integrating the software. But whatever their implementation this code should not be structured like this. \nCVE-2021-31226 Affected\nVendor Statement:\nThis is an issue in all versions of Nichestack \u003c4.3,\r\nThis issue is fixed in Nichestack v4.3 with in_httpsvr module v1.7. \nCVE-2021-31227 Affected\nVendor Statement:\nThis is an issue in all versions of Nichestack \u003c4.3,\r\nThis issue is fixed in Nichestack v4.3 with in_httpsvr module v1.7. \nCVE-2021-31228 Affected\nVendor Statement:\nThis is an issue in all versions of Nichestack \u003c4.3,\r\nThis issue is fixed in Nichestack v4.3 with in_httpsvr module v1.7. \nCVE-2021-31400 Affected\nVendor Statement:\nThis issue is present in all versions of Nichestack prior to 4.3. \r\nThe global version number for Nichestack is now frozen at 4.3 and we now maintain version numbers for each module. \r\nThe issue is present in the in_tcp module version 1.9. \r\n\r\nA fix for this will be available from HCC on 2021-02-26\nCVE-2021-31401 Affected\nVendor Statement:\nThis issue is present in all versions of Nichestack prior to 4.3. \r\nThe global version number for Nichestack is now frozen at 4.3 and we now maintain version numbers for each module. \r\nThe issue is present in the in_tcp module version 1.9. \r\n\r\nA fix for this will be available from HCC on 2021-03-16\nCVE-2021-36762 Unknown\nVendor Statement:\nThis issue is present in all versions of Nichestack prior to 4.3. \r\nThe global version number for Nichestack is now frozen at 4.3 and we now maintain version numbers for each module. \r\nThe issue is fixed in in_tftp module version 1.2. \n\r\n\r\nInterNiche Technologies NicheStack has an input validation error vulnerability, which exists due to insufficient input validation provided by users in the TCP component. A remote attacker can use this vulnerability to pass specially crafted input to the application and perform a denial of service (DoS) attack. Pillow is a Python-based image processing library. \nThere is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements. Siemens Security Advisory",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-35684"
},
{
"db": "CERT/CC",
"id": "VU#608209"
},
{
"db": "CNVD",
"id": "CNVD-2021-58800"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"db": "VULMON",
"id": "CVE-2020-35684"
}
],
"trust": 2.79
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-35684",
"trust": 3.1
},
{
"db": "CERT/CC",
"id": "VU#608209",
"trust": 2.4
},
{
"db": "SIEMENS",
"id": "SSA-789208",
"trust": 2.3
},
{
"db": "CNVD",
"id": "CNVD-2021-58800",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2021041363",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202104-975",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2021080402",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2021080607",
"trust": 0.6
},
{
"db": "ICS CERT",
"id": "ICSA-21-217-01",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.2661",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202108-416",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2020-35684",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#608209"
},
{
"db": "CNVD",
"id": "CNVD-2021-58800"
},
{
"db": "VULMON",
"id": "CVE-2020-35684"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"db": "CNNVD",
"id": "CNNVD-202108-416"
},
{
"db": "NVD",
"id": "CVE-2020-35684"
}
]
},
"id": "VAR-202108-0212",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-58800"
}
],
"trust": 1.4125
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-58800"
}
]
},
"last_update_date": "2024-08-14T12:46:59.412000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Patch for HCC Embedded InterNiche Technologies NicheStack input verification error vulnerability (CNVD-2021-58800)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/285006"
},
{
"title": "Siemens Security Advisories: Siemens Security Advisory",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=dcdeae95fabde3361948ed61a281b1cb"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-58800"
},
{
"db": "VULMON",
"id": "CVE-2020-35684"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2020-35684"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.2,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-789208.pdf"
},
{
"trust": 1.6,
"url": "https://www.kb.cert.org/vuls/id/608209"
},
{
"trust": 1.6,
"url": "https://www.forescout.com/blog/new-critical-operational-technology-vulnerabilities-found-on-nichestack/"
},
{
"trust": 1.6,
"url": "https://www.hcc-embedded.com"
},
{
"trust": 0.8,
"url": "cve-2020-25767 "
},
{
"trust": 0.8,
"url": "cve-2020-25926 "
},
{
"trust": 0.8,
"url": "cve-2020-25927 "
},
{
"trust": 0.8,
"url": "cve-2020-25928 "
},
{
"trust": 0.8,
"url": "cve-2020-35683 "
},
{
"trust": 0.8,
"url": "cve-2020-35684 "
},
{
"trust": 0.8,
"url": "cve-2020-35685 "
},
{
"trust": 0.8,
"url": "cve-2021-27565 "
},
{
"trust": 0.8,
"url": "cve-2021-31226 "
},
{
"trust": 0.8,
"url": "cve-2021-31227 "
},
{
"trust": 0.8,
"url": "cve-2021-31228 "
},
{
"trust": 0.8,
"url": "cve-2021-31400 "
},
{
"trust": 0.8,
"url": "cve-2021-31401 "
},
{
"trust": 0.8,
"url": "cve-2021-36762 "
},
{
"trust": 0.8,
"url": "vince json"
},
{
"trust": 0.8,
"url": "csaf"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2021041363"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.2661"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2021080402"
},
{
"trust": 0.6,
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-217-01"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2021080607"
},
{
"trust": 0.1,
"url": "https://cert-portal.siemens.com/productcert/txt/ssa-789208.txt"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#608209"
},
{
"db": "CNVD",
"id": "CNVD-2021-58800"
},
{
"db": "VULMON",
"id": "CVE-2020-35684"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"db": "CNNVD",
"id": "CNNVD-202108-416"
},
{
"db": "NVD",
"id": "CVE-2020-35684"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#608209"
},
{
"db": "CNVD",
"id": "CNVD-2021-58800"
},
{
"db": "VULMON",
"id": "CVE-2020-35684"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"db": "CNNVD",
"id": "CNNVD-202108-416"
},
{
"db": "NVD",
"id": "CVE-2020-35684"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-08-10T00:00:00",
"db": "CERT/CC",
"id": "VU#608209"
},
{
"date": "2021-08-06T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-58800"
},
{
"date": "2021-04-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"date": "2021-08-04T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202108-416"
},
{
"date": "2021-08-19T12:15:08.020000",
"db": "NVD",
"id": "CVE-2020-35684"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-09-23T00:00:00",
"db": "CERT/CC",
"id": "VU#608209"
},
{
"date": "2022-01-18T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-58800"
},
{
"date": "2021-04-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"date": "2021-08-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202108-416"
},
{
"date": "2021-08-26T18:21:10.807000",
"db": "NVD",
"id": "CVE-2020-35684"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202108-416"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "NicheStack embedded TCP/IP has vulnerabilities",
"sources": [
{
"db": "CERT/CC",
"id": "VU#608209"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202104-975"
}
],
"trust": 0.6
}
}
CERTFR-2023-AVI-0363
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits Schneider. Certaines d'entre elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur, une exécution de code arbitraire à distance et un déni de service à distance.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| N/A | N/A | OPC Factory Server (OFS) versions antérieures à V3.63SP2 | ||
| N/A | N/A | Modicon X80 Module (part number BMXNOM0200) versions antérieures à V1.60 | ||
| N/A | N/A | PowerLogic PM8000 antérieures à 4.0.0 sans le dernier correctif de sécurité | ||
| N/A | N/A | PowerLogic ION7400 antérieures à 4.0.0 sans le dernier correctif de sécurité | ||
| N/A | N/A | EcoStruxure Power Operation versions 2022 antérieures à 2022 CU1 | ||
| N/A | N/A | EcoStruxure Power Operation versions 2021 antérieures à 2021 CU3 | ||
| N/A | N/A | Produits Legacy ION toutes versions | ||
| N/A | N/A | PowerLogic ION9000 antérieures à 4.0.0 sans le dernier correctif de sécurité | ||
| N/A | N/A | Power SCADA Anywhere versions 1.1 et 1.2 antérieures à Plant SCADA Anywhere version 2023 | ||
| N/A | N/A | PowerLogic ION8650 toutes versions | ||
| N/A | N/A | Altivar 32/320 et Lexium 32 Ethernet TCP/IP communication module (VW3A3616) versions antérieures à V1.20IE01 | ||
| N/A | N/A | EcoStruxure Power SCADA Operation versions 2020 R2 | ||
| N/A | N/A | PowerLogic ION8800 toutes versions |
References
| Title | Publication Time | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "OPC Factory Server (OFS) versions ant\u00e9rieures \u00e0 V3.63SP2",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "Modicon X80 Module (part number BMXNOM0200) versions ant\u00e9rieures \u00e0 V1.60",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "PowerLogic PM8000 ant\u00e9rieures \u00e0 4.0.0 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "PowerLogic ION7400 ant\u00e9rieures \u00e0 4.0.0 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "EcoStruxure Power Operation versions 2022 ant\u00e9rieures \u00e0 2022 CU1",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "EcoStruxure Power Operation versions 2021 ant\u00e9rieures \u00e0 2021 CU3",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "Produits Legacy ION toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "PowerLogic ION9000 ant\u00e9rieures \u00e0 4.0.0 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "Power SCADA Anywhere versions 1.1 et 1.2 ant\u00e9rieures \u00e0 Plant SCADA Anywhere version 2023",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "PowerLogic ION8650 toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "Altivar 32/320 et Lexium 32 Ethernet TCP/IP communication module (VW3A3616) versions ant\u00e9rieures \u00e0 V1.20IE01",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "EcoStruxure Power SCADA Operation versions 2020 R2",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "PowerLogic ION8800 toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2022-23854",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23854"
},
{
"name": "CVE-2020-35198",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35198"
},
{
"name": "CVE-2022-46680",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46680"
},
{
"name": "CVE-2021-31401",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-31401"
},
{
"name": "CVE-2021-3711",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3711"
},
{
"name": "CVE-2021-31400",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-31400"
},
{
"name": "CVE-2023-1256",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1256"
},
{
"name": "CVE-2020-35685",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35685"
},
{
"name": "CVE-2020-35683",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35683"
},
{
"name": "CVE-2020-35684",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35684"
},
{
"name": "CVE-2020-11022",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11022"
},
{
"name": "CVE-2020-28895",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28895"
},
{
"name": "CVE-2023-2161",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2161"
}
],
"initial_release_date": "2023-05-09T00:00:00",
"last_revision_date": "2023-05-09T00:00:00",
"links": [],
"reference": "CERTFR-2023-AVI-0363",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2023-05-09T00:00:00.000000"
},
{
"description": "Ajout des num\u00e9ros de CVE manquants",
"revision_date": "2023-05-09T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nSchneider. Certaines d\u0027entre elles permettent \u00e0 un attaquant de\nprovoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur, une\nex\u00e9cution de code arbitraire \u00e0 distance et un d\u00e9ni de service \u00e0\ndistance.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Schneider",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Schneider SEVD-2023-129-01 du 9 mai 2023",
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-129-01\u0026p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2023-129-01.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Schneider SEVD-2021-217-01 du 05 ao\u00fbt 2021",
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-217-01\u0026p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2021-217-01_NicheStack_Security_Notification.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Schneider SEVD-2023-129-03 du 9 mai 2023",
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-129-03\u0026p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2023-129-03.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Schneider SEVD-2023-129-04 du 9 mai 2023",
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-129-04\u0026p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2023-129-04.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Schneider SEVD-2023-129-02 du 9 mai 2023",
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-129-02\u0026p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2023-129-02.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Schneider SEVD-2021-313-05 du 09 novembre 2021",
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-313-05\u0026p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2021-313-05_BadAlloc_Vulnerabilities_Security_Notification.pdf"
}
]
}
CERTFR-2022-AVI-815
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits Schneider. Elles permettent à un attaquant de provoquer une exécution de code arbitraire, un déni de service et une atteinte à la confidentialité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| N/A | N/A | Modicon MC80 sans le correctif de sécurité BMKC8020301 | ||
| N/A | N/A | CANopen X80 Communication Module (BMECXM0100) toutes versions | ||
| Schneider Electric | N/A | Modicon MC80 (BMKC80) versions antérieures à 1.8 | ||
| Schneider Electric | N/A | Modicon MC80 Controller (BMKC8*) versions antérieures à 1.8 | ||
| Schneider Electric | Modicon M340 | Modicon M340 X80 Ethernet Communication Modules BMXNOE0110 (H) toutes versions | ||
| Schneider Electric | Modicon M340 | Modicon M340 X80 Ethernet Communication Modules BMXNOE0100 (H) toutes versions | ||
| N/A | N/A | EcoStruxure™ Control Expert version 15.1 sans le dernier correctif de sécurité | ||
| Schneider Electric | N/A | Modicon RTU BMXNOR0200H versions antérieures à 1.7 IR24 | ||
| Schneider Electric | Modicon M340 | Modicon M340 X80 Ethernet Communication Module BMXNOR0200H RTU versions antérieures à 1.7 IR24 | ||
| Schneider Electric | Modicon M340 | Modicon M340 Ethernet TCP/IP Network Module BMXNOC0401 versions antérieures à 2.11 | ||
| Schneider Electric | N/A | Profibus Remote Master (TCSEGPA23F14F) toutes versions | ||
| Schneider Electric | N/A | Lexium ILE ILA ILS Communication Drive versions antérieures à 01.110 | ||
| Schneider Electric | Modicon M340 | Modicon M340 X80 Ethernet Communication module BMXNOC0401 versions antérieures à version 2.11 |
References
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Modicon MC80 sans le correctif de s\u00e9curit\u00e9 BMKC8020301",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "CANopen X80 Communication Module (BMECXM0100) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "Modicon MC80 (BMKC80) versions ant\u00e9rieures \u00e0 1.8",
"product": {
"name": "N/A",
"vendor": {
"name": "Schneider Electric",
"scada": true
}
}
},
{
"description": "Modicon MC80 Controller (BMKC8*) versions ant\u00e9rieures \u00e0 1.8",
"product": {
"name": "N/A",
"vendor": {
"name": "Schneider Electric",
"scada": true
}
}
},
{
"description": "Modicon M340 X80 Ethernet Communication Modules BMXNOE0110 (H) toutes versions",
"product": {
"name": "Modicon M340",
"vendor": {
"name": "Schneider Electric",
"scada": true
}
}
},
{
"description": "Modicon M340 X80 Ethernet Communication Modules BMXNOE0100 (H) toutes versions",
"product": {
"name": "Modicon M340",
"vendor": {
"name": "Schneider Electric",
"scada": true
}
}
},
{
"description": "EcoStruxure\u2122 Control Expert version 15.1 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "Modicon RTU BMXNOR0200H versions ant\u00e9rieures \u00e0 1.7 IR24",
"product": {
"name": "N/A",
"vendor": {
"name": "Schneider Electric",
"scada": true
}
}
},
{
"description": "Modicon M340 X80 Ethernet Communication Module BMXNOR0200H RTU versions ant\u00e9rieures \u00e0 1.7 IR24",
"product": {
"name": "Modicon M340",
"vendor": {
"name": "Schneider Electric",
"scada": true
}
}
},
{
"description": "Modicon M340 Ethernet TCP/IP Network Module BMXNOC0401 versions ant\u00e9rieures \u00e0 2.11",
"product": {
"name": "Modicon M340",
"vendor": {
"name": "Schneider Electric",
"scada": true
}
}
},
{
"description": "Profibus Remote Master (TCSEGPA23F14F) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Schneider Electric",
"scada": true
}
}
},
{
"description": "Lexium ILE ILA ILS Communication Drive versions ant\u00e9rieures \u00e0 01.110",
"product": {
"name": "N/A",
"vendor": {
"name": "Schneider Electric",
"scada": true
}
}
},
{
"description": "Modicon M340 X80 Ethernet Communication module BMXNOC0401 versions ant\u00e9rieures \u00e0 version 2.11",
"product": {
"name": "Modicon M340",
"vendor": {
"name": "Schneider Electric",
"scada": true
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2020-7564",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7564"
},
{
"name": "CVE-2020-7563",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7563"
},
{
"name": "CVE-2020-7535",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7535"
},
{
"name": "CVE-2020-35198",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35198"
},
{
"name": "CVE-2020-7549",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7549"
},
{
"name": "CVE-2021-31401",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-31401"
},
{
"name": "CVE-2022-37301",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37301"
},
{
"name": "CVE-2018-7241",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-7241"
},
{
"name": "CVE-2022-0222",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0222"
},
{
"name": "CVE-2018-7242",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-7242"
},
{
"name": "CVE-2021-31400",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-31400"
},
{
"name": "CVE-2021-22788",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22788"
},
{
"name": "CVE-2020-35685",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35685"
},
{
"name": "CVE-2020-7562",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7562"
},
{
"name": "CVE-2020-35683",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35683"
},
{
"name": "CVE-2020-35684",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35684"
},
{
"name": "CVE-2020-7536",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7536"
},
{
"name": "CVE-2018-7857",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-7857"
},
{
"name": "CVE-2019-6807",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-6807"
},
{
"name": "CVE-2018-7240",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-7240"
},
{
"name": "CVE-2011-4859",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-4859"
},
{
"name": "CVE-2020-28895",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28895"
},
{
"name": "CVE-2021-22787",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22787"
},
{
"name": "CVE-2021-22785",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22785"
}
],
"initial_release_date": "2022-09-13T00:00:00",
"last_revision_date": "2022-09-13T00:00:00",
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 Schneider SEVD-2021-313-05 du 13 septembre 2022",
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-313-05\u0026p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2021-313-05_Badalloc_Vulnerabilities_Security_Notification_V11.0.pdf"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Schneider SEVD-2021-257-02 du 13 septembre 2022",
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-257-02\u0026p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2021-257-02_Web_Server_Modicon_M340_Quantum_and_Premium_and_Communication_Modules_V2.0.pdf"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Schneider SEVD-2018-081-01 du 13 septembre 2022",
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2018-081-01\u0026p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2018-081-01_Embedded_FTP_Servers_for_Modicon_PAC_Controllers_Security_Notification_V4.0.pdf"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Schneider SEVD-2020-343-06 du 13 septembre 2022",
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2020-343-06\u0026p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2020-343-06_Web_Server_Modicon_M340_Premium_Quantum_Communication_Modules_Security_Notification_V2.0.pdf"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Schneider SEVD-2020-343-07 du 13 septembre 2022",
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2020-343-07\u0026p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2020-343-07_SNMP_Service_Modicon_M340_CPU_Security_Notification_V2.1.pdf"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Schneider SEVD-2021-217-01 du 13 septembre 2022",
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-217-01\u0026p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2021-217-01_NicheStack_Security_Notification_V3.0.pdf"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Schneider SEVD-2019-134-11 du 13 septembre 2022",
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2019-134-11\u0026p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2019-134-11_Modicon_Controllers_Security_Notification_V7.0.pdf"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Schneider SEVD-2022-221-02 du 13 septembre 2022",
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-221-02\u0026p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2022-221-02_Modicon_Controllers_Security_Notification_V2.0.pdf"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Schneider SESB-2019-214-01 du 13 septembre 2022",
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SESB-2019-214-01\u0026p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SESB-2019-214-01_Wind_River_VxWorks_Security_Bulletin_V2.14.pdf"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Schneider SEVD-2020-315-01 du 13 septembre 2022",
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2020-315-01\u0026p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2020-315-01_Modicon_Web_Server_Security_Notification_V3.0.pdf"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Schneider SEVD-2020-343-05 du 13 septembre 2022",
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2020-343-05\u0026p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2020-343-05-Web_Server_Modicon_M340_Premium_Quantum_Communication_Modules_Security_Notification_V2.1.pdf"
}
],
"reference": "CERTFR-2022-AVI-815",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2022-09-13T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nSchneider. Elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de\ncode arbitraire, un d\u00e9ni de service et une atteinte \u00e0 la confidentialit\u00e9\ndes donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Schneider",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Schneider SEVD-2022-256-01 du 13 septembre 2022",
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-256-01\u0026p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2022-256-01-EcoStruxure_Machine_SCADA_ExpertPro-face_BLUE_Open_Studio_Security_Notification.pdf"
}
]
}
CERTFR-2021-AVI-599
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits Siemens. Elles permettent à un attaquant de provoquer un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "SENTRON 3WL COM35 versions ant\u00e9rieures \u00e0 1.2.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SENTRON 7KM PAC Switched Ethernet PROFINET Expansion Module versions ant\u00e9rieures \u00e0 3.0.4",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SENTRON 3WA COM190 versions ant\u00e9rieures \u00e0 2.0.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2021-31401",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-31401"
},
{
"name": "CVE-2020-35685",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35685"
},
{
"name": "CVE-2020-35683",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35683"
},
{
"name": "CVE-2020-35684",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35684"
}
],
"initial_release_date": "2021-08-04T00:00:00",
"last_revision_date": "2021-08-04T00:00:00",
"links": [],
"reference": "CERTFR-2021-AVI-599",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2021-08-04T00:00:00.000000"
}
],
"risks": [
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nSiemens. Elles permettent \u00e0 un attaquant de provoquer un contournement\nde la politique de s\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Siemens",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 [SCADA] Siemens ssa-789208 du 4 ao\u00fbt 2021",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-789208.pdf"
}
]
}
cnvd-2021-58800
Vulnerability from cnvd
Title
HCC Embedded InterNiche Technologies NicheStack输入验证错误漏洞(CNVD-2021-58800)
Description
InterNiche Technologies NicheStack是一种占用空间小、符合RFC标准的嵌入式协议栈,可移植到商业或专有的非MMU操作系统。
InterNiche Technologies NicheStack存在输入验证错误漏洞,该漏洞的存在是由于对TCP组件中用户提供的输入验证不足。远程攻击者可利用该漏洞可以向应用程序传递特制的输入,并执行拒绝服务(DoS)攻击。
Severity
高
VLAI Severity ?
Patch Name
HCC Embedded InterNiche Technologies NicheStack输入验证错误漏洞(CNVD-2021-58800)的补丁
Patch Description
InterNiche Technologies NicheStack是一种占用空间小、符合RFC标准的嵌入式协议栈,可移植到商业或专有的非MMU操作系统。
InterNiche Technologies NicheStack存在输入验证错误漏洞,该漏洞的存在是由于对TCP组件中用户提供的输入验证不足。远程攻击者可利用该漏洞可以向应用程序传递特制的输入,并执行拒绝服务(DoS)攻击。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description
目前HCC Embedded公司已发布相关补丁,建议相关供应商(涉及嵌入式网络)及时升级更新:https://www.hcc-embedded.com/support/security-advisories
Reference
https://cert-portal.siemens.com/productcert/pdf/ssa-789208.pdf
Impacted products
| Name | ['HCC Embedded InterNiche stack <v4.3', 'HCC Embedded NicheLite <v4.3'] |
|---|
{
"cves": {
"cve": {
"cveNumber": "CVE-2020-35684"
}
},
"description": "InterNiche Technologies NicheStack\u662f\u4e00\u79cd\u5360\u7528\u7a7a\u95f4\u5c0f\u3001\u7b26\u5408RFC\u6807\u51c6\u7684\u5d4c\u5165\u5f0f\u534f\u8bae\u6808\uff0c\u53ef\u79fb\u690d\u5230\u5546\u4e1a\u6216\u4e13\u6709\u7684\u975eMMU\u64cd\u4f5c\u7cfb\u7edf\u3002\n\nInterNiche Technologies NicheStack\u5b58\u5728\u8f93\u5165\u9a8c\u8bc1\u9519\u8bef\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u7684\u5b58\u5728\u662f\u7531\u4e8e\u5bf9TCP\u7ec4\u4ef6\u4e2d\u7528\u6237\u63d0\u4f9b\u7684\u8f93\u5165\u9a8c\u8bc1\u4e0d\u8db3\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u53ef\u4ee5\u5411\u5e94\u7528\u7a0b\u5e8f\u4f20\u9012\u7279\u5236\u7684\u8f93\u5165\uff0c\u5e76\u6267\u884c\u62d2\u7edd\u670d\u52a1(DoS)\u653b\u51fb\u3002",
"formalWay": "\u76ee\u524dHCC Embedded\u516c\u53f8\u5df2\u53d1\u5e03\u76f8\u5173\u8865\u4e01\uff0c\u5efa\u8bae\u76f8\u5173\u4f9b\u5e94\u5546\uff08\u6d89\u53ca\u5d4c\u5165\u5f0f\u7f51\u7edc\uff09\u53ca\u65f6\u5347\u7ea7\u66f4\u65b0\uff1ahttps://www.hcc-embedded.com/support/security-advisories",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2021-58800",
"openTime": "2021-08-06",
"patchDescription": "InterNiche Technologies NicheStack\u662f\u4e00\u79cd\u5360\u7528\u7a7a\u95f4\u5c0f\u3001\u7b26\u5408RFC\u6807\u51c6\u7684\u5d4c\u5165\u5f0f\u534f\u8bae\u6808\uff0c\u53ef\u79fb\u690d\u5230\u5546\u4e1a\u6216\u4e13\u6709\u7684\u975eMMU\u64cd\u4f5c\u7cfb\u7edf\u3002\r\n\r\nInterNiche Technologies NicheStack\u5b58\u5728\u8f93\u5165\u9a8c\u8bc1\u9519\u8bef\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u7684\u5b58\u5728\u662f\u7531\u4e8e\u5bf9TCP\u7ec4\u4ef6\u4e2d\u7528\u6237\u63d0\u4f9b\u7684\u8f93\u5165\u9a8c\u8bc1\u4e0d\u8db3\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u53ef\u4ee5\u5411\u5e94\u7528\u7a0b\u5e8f\u4f20\u9012\u7279\u5236\u7684\u8f93\u5165\uff0c\u5e76\u6267\u884c\u62d2\u7edd\u670d\u52a1(DoS)\u653b\u51fb\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "HCC Embedded InterNiche Technologies NicheStack\u8f93\u5165\u9a8c\u8bc1\u9519\u8bef\u6f0f\u6d1e\uff08CNVD-2021-58800\uff09\u7684\u8865\u4e01",
"products": {
"product": [
"HCC Embedded InterNiche stack \u003cv4.3",
"HCC Embedded NicheLite \u003cv4.3"
]
},
"referenceLink": "https://cert-portal.siemens.com/productcert/pdf/ssa-789208.pdf",
"serverity": "\u9ad8",
"submitTime": "2021-08-05",
"title": "HCC Embedded InterNiche Technologies NicheStack\u8f93\u5165\u9a8c\u8bc1\u9519\u8bef\u6f0f\u6d1e\uff08CNVD-2021-58800\uff09"
}
fkie_cve-2020-35684
Vulnerability from fkie_nvd
Published
2021-08-19 12:15
Modified
2024-11-21 05:27
Severity ?
Summary
An issue was discovered in HCC Nichestack 3.0. The code that parses TCP packets relies on an unchecked value of the IP payload size (extracted from the IP header) to compute the length of the TCP payload within the TCP checksum computation function. When the IP payload size is set to be smaller than the size of the IP header, the TCP checksum computation function may read out of bounds (a low-impact write-out-of-bounds is also possible).
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | https://cert-portal.siemens.com/productcert/pdf/ssa-789208.pdf | Mitigation, Third Party Advisory | |
| cve@mitre.org | https://www.forescout.com/blog/new-critical-operational-technology-vulnerabilities-found-on-nichestack/ | Mitigation, Third Party Advisory | |
| cve@mitre.org | https://www.hcc-embedded.com | Product | |
| cve@mitre.org | https://www.kb.cert.org/vuls/id/608209 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/pdf/ssa-789208.pdf | Mitigation, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.forescout.com/blog/new-critical-operational-technology-vulnerabilities-found-on-nichestack/ | Mitigation, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.hcc-embedded.com | Product | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.kb.cert.org/vuls/id/608209 | Third Party Advisory, US Government Resource |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hcc-embedded | nichestack | 3.0 | |
| siemens | sentron_3wl_com35_firmware | * | |
| siemens | sentron_3wl_com35 | - | |
| siemens | sentron_3wa_com190_firmware | * | |
| siemens | sentron_3wa_com190 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hcc-embedded:nichestack:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "22916BA2-C530-46C0-9C4E-1C0342C9089E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:sentron_3wl_com35_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "438332F0-E222-48FB-BA95-0A79EAC9E448",
"versionEndExcluding": "1.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:sentron_3wl_com35:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AF6988F4-8734-4B27-AD0B-B91F25654F9A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:sentron_3wa_com190_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B62056DC-DF99-4118-9B22-45E51980CD7F",
"versionEndExcluding": "2.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:sentron_3wa_com190:-:*:*:*:*:*:*:*",
"matchCriteriaId": "797EAA6F-5E8C-4855-87ED-CE4D76D02571",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in HCC Nichestack 3.0. The code that parses TCP packets relies on an unchecked value of the IP payload size (extracted from the IP header) to compute the length of the TCP payload within the TCP checksum computation function. When the IP payload size is set to be smaller than the size of the IP header, the TCP checksum computation function may read out of bounds (a low-impact write-out-of-bounds is also possible)."
},
{
"lang": "es",
"value": "Se ha detectado un problema en HCC Nichestack versi\u00f3n 3.0. El c\u00f3digo que analiza los paquetes TCP se basa en un valor no comprobado del tama\u00f1o de la carga \u00fatil IP (extra\u00eddo del encabezado IP) para calcular la longitud de la carga \u00fatil TCP dentro de la funci\u00f3n de c\u00e1lculo de la suma de comprobaci\u00f3n TCP. Cuando el tama\u00f1o de la carga \u00fatil IP est\u00e1 configurado para ser menor que el tama\u00f1o del encabezado IP, la funci\u00f3n de c\u00e1lculo de la suma de comprobaci\u00f3n TCP puede leer fuera de l\u00edmites (tambi\u00e9n es posible una escritura fuera de l\u00edmites de bajo impacto)."
}
],
"id": "CVE-2020-35684",
"lastModified": "2024-11-21T05:27:50.820",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-08-19T12:15:08.020",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Mitigation",
"Third Party Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-789208.pdf"
},
{
"source": "cve@mitre.org",
"tags": [
"Mitigation",
"Third Party Advisory"
],
"url": "https://www.forescout.com/blog/new-critical-operational-technology-vulnerabilities-found-on-nichestack/"
},
{
"source": "cve@mitre.org",
"tags": [
"Product"
],
"url": "https://www.hcc-embedded.com"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.kb.cert.org/vuls/id/608209"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Third Party Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-789208.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Third Party Advisory"
],
"url": "https://www.forescout.com/blog/new-critical-operational-technology-vulnerabilities-found-on-nichestack/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
],
"url": "https://www.hcc-embedded.com"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.kb.cert.org/vuls/id/608209"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
gsd-2020-35684
Vulnerability from gsd
Modified
2023-12-13 01:22
Details
An issue was discovered in HCC Nichestack 3.0. The code that parses TCP packets relies on an unchecked value of the IP payload size (extracted from the IP header) to compute the length of the TCP payload within the TCP checksum computation function. When the IP payload size is set to be smaller than the size of the IP header, the TCP checksum computation function may read out of bounds (a low-impact write-out-of-bounds is also possible).
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2020-35684",
"description": "An issue was discovered in HCC Nichestack 3.0. The code that parses TCP packets relies on an unchecked value of the IP payload size (extracted from the IP header) to compute the length of the TCP payload within the TCP checksum computation function. When the IP payload size is set to be smaller than the size of the IP header, the TCP checksum computation function may read out of bounds (a low-impact write-out-of-bounds is also possible).",
"id": "GSD-2020-35684",
"references": [
"https://www.suse.com/security/cve/CVE-2020-35684.html"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2020-35684"
],
"details": "An issue was discovered in HCC Nichestack 3.0. The code that parses TCP packets relies on an unchecked value of the IP payload size (extracted from the IP header) to compute the length of the TCP payload within the TCP checksum computation function. When the IP payload size is set to be smaller than the size of the IP header, the TCP checksum computation function may read out of bounds (a low-impact write-out-of-bounds is also possible).",
"id": "GSD-2020-35684",
"modified": "2023-12-13T01:22:01.209927Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-35684",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in HCC Nichestack 3.0. The code that parses TCP packets relies on an unchecked value of the IP payload size (extracted from the IP header) to compute the length of the TCP payload within the TCP checksum computation function. When the IP payload size is set to be smaller than the size of the IP header, the TCP checksum computation function may read out of bounds (a low-impact write-out-of-bounds is also possible)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.hcc-embedded.com",
"refsource": "MISC",
"url": "https://www.hcc-embedded.com"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-789208.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-789208.pdf"
},
{
"name": "https://www.forescout.com/blog/new-critical-operational-technology-vulnerabilities-found-on-nichestack/",
"refsource": "MISC",
"url": "https://www.forescout.com/blog/new-critical-operational-technology-vulnerabilities-found-on-nichestack/"
},
{
"name": "VU#608209",
"refsource": "CERT-VN",
"url": "https://www.kb.cert.org/vuls/id/608209"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:hcc-embedded:nichestack:3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:sentron_3wl_com35_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "1.2.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:sentron_3wl_com35:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:sentron_3wa_com190_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.0.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:sentron_3wa_com190:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-35684"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "An issue was discovered in HCC Nichestack 3.0. The code that parses TCP packets relies on an unchecked value of the IP payload size (extracted from the IP header) to compute the length of the TCP payload within the TCP checksum computation function. When the IP payload size is set to be smaller than the size of the IP header, the TCP checksum computation function may read out of bounds (a low-impact write-out-of-bounds is also possible)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-789208.pdf",
"refsource": "CONFIRM",
"tags": [
"Mitigation",
"Third Party Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-789208.pdf"
},
{
"name": "https://www.hcc-embedded.com",
"refsource": "MISC",
"tags": [
"Product"
],
"url": "https://www.hcc-embedded.com"
},
{
"name": "VU#608209",
"refsource": "CERT-VN",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.kb.cert.org/vuls/id/608209"
},
{
"name": "https://www.forescout.com/blog/new-critical-operational-technology-vulnerabilities-found-on-nichestack/",
"refsource": "MISC",
"tags": [
"Mitigation",
"Third Party Advisory"
],
"url": "https://www.forescout.com/blog/new-critical-operational-technology-vulnerabilities-found-on-nichestack/"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
},
"lastModifiedDate": "2021-08-26T18:21Z",
"publishedDate": "2021-08-19T12:15Z"
}
}
}
ghsa-748v-rhfv-4hm6
Vulnerability from github
Published
2022-05-24 19:11
Modified
2022-05-24 19:11
VLAI Severity ?
Details
An issue was discovered in HCC Nichestack 3.0. The code that parses TCP packets relies on an unchecked value of the IP payload size (extracted from the IP header) to compute the length of the TCP payload within the TCP checksum computation function. When the IP payload size is set to be smaller than the size of the IP header, the TCP checksum computation function may read out of bounds (a low-impact write-out-of-bounds is also possible).
{
"affected": [],
"aliases": [
"CVE-2020-35684"
],
"database_specific": {
"cwe_ids": [
"CWE-20"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-08-19T12:15:00Z",
"severity": "HIGH"
},
"details": "An issue was discovered in HCC Nichestack 3.0. The code that parses TCP packets relies on an unchecked value of the IP payload size (extracted from the IP header) to compute the length of the TCP payload within the TCP checksum computation function. When the IP payload size is set to be smaller than the size of the IP header, the TCP checksum computation function may read out of bounds (a low-impact write-out-of-bounds is also possible).",
"id": "GHSA-748v-rhfv-4hm6",
"modified": "2022-05-24T19:11:42Z",
"published": "2022-05-24T19:11:42Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-35684"
},
{
"type": "WEB",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-789208.pdf"
},
{
"type": "WEB",
"url": "https://www.forescout.com/blog/new-critical-operational-technology-vulnerabilities-found-on-nichestack"
},
{
"type": "WEB",
"url": "https://www.hcc-embedded.com"
},
{
"type": "WEB",
"url": "https://www.kb.cert.org/vuls/id/608209"
}
],
"schema_version": "1.4.0",
"severity": []
}
icsa-21-217-01
Vulnerability from csaf_cisa
Published
2021-08-05 00:00
Modified
2021-12-16 00:00
Summary
HCC Embedded InterNiche TCP/IP stack, NicheLite (Update B)
Notes
CISA Disclaimer
This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov
Legal Notice
All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.
Risk evaluation
Successful exploitation of these vulnerabilities may result in unauthorized access to arbitrary information, DNS cache poisoning, remote code execution, or a denial-of-service condition.
Critical infrastructure sectors
Multiple
Countries/areas deployed
Worldwide
Company headquarters location
Hungary
Recommended Practices
CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities. Specifically, users should:
Recommended Practices
CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices
Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.
Exploitability
No known public exploits specifically target these vulnerabilities.
{
"document": {
"acknowledgments": [
{
"names": [
"Amine Amri",
"Stanislav Dashevskyi",
"Daniel dos Santos"
],
"organization": "Forescout",
"summary": "reporting these vulnerabilities to CISA"
},
{
"names": [
"Asaf Karas",
"Shachar Menashe"
],
"organization": "VDOO",
"summary": "reporting these vulnerabilities to CISA"
}
],
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Disclosure is not limited",
"tlp": {
"label": "WHITE",
"url": "https://us-cert.cisa.gov/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "general",
"text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov",
"title": "CISA Disclaimer"
},
{
"category": "legal_disclaimer",
"text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
"title": "Legal Notice"
},
{
"category": "summary",
"text": "Successful exploitation of these vulnerabilities may result in unauthorized access to arbitrary information, DNS cache poisoning, remote code execution, or a denial-of-service condition.",
"title": "Risk evaluation"
},
{
"category": "other",
"text": "Multiple",
"title": "Critical infrastructure sectors"
},
{
"category": "other",
"text": "Worldwide",
"title": "Countries/areas deployed"
},
{
"category": "other",
"text": "Hungary",
"title": "Company headquarters location"
},
{
"category": "general",
"text": "CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities. Specifically, users should:",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.\nCISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.",
"title": "Recommended Practices"
},
{
"category": "other",
"text": "No known public exploits specifically target these vulnerabilities.",
"title": "Exploitability"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "Email: CISAservicedesk@cisa.dhs.gov;\n Toll Free: 1-888-282-0870",
"name": "CISA",
"namespace": "https://www.cisa.gov/"
},
"references": [
{
"category": "self",
"summary": "ICS Advisory ICSA-21-217-01 JSON",
"url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2021/icsa-21-217-01.json"
},
{
"category": "self",
"summary": "ICS Advisory ICSA-21-217-01 Web Version",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-21-217-01"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://us-cert.cisa.gov/ics/alerts/ICS-ALERT-10-301-01"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-21-217-01"
}
],
"title": "HCC Embedded InterNiche TCP/IP stack, NicheLite (Update B)",
"tracking": {
"current_release_date": "2021-12-16T00:00:00.000000Z",
"generator": {
"engine": {
"name": "CISA CSAF Generator",
"version": "1.0.0"
}
},
"id": "ICSA-21-217-01",
"initial_release_date": "2021-08-05T00:00:00.000000Z",
"revision_history": [
{
"date": "2021-08-05T00:00:00.000000Z",
"legacy_version": "Initial",
"number": "1",
"summary": "ICSA-21-217-01 HCC Embedded InterNiche TCPIP stack NicheLite"
},
{
"date": "2021-09-14T00:00:00.000000Z",
"legacy_version": "A",
"number": "2",
"summary": "ICSA-21-217-01 HCC Embedded InterNiche TCPIP stack NicheLite (Update A)"
},
{
"date": "2021-12-16T00:00:00.000000Z",
"legacy_version": "B",
"number": "3",
"summary": "ICSA-21-217-01 HCC Embedded InterNiche TCP/IP stack NicheLite (Update B)"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c 4.3",
"product": {
"name": "InterNiche stack: All versions prior to v4.3",
"product_id": "CSAFPID-0001"
}
}
],
"category": "product_name",
"name": "InterNiche stack"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c 4.3",
"product": {
"name": "NicheLite: All versions prior to v4.3",
"product_id": "CSAFPID-0002"
}
}
],
"category": "product_name",
"name": "NicheLite"
}
],
"category": "vendor",
"name": "HCC Embedded"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-25767",
"cwe": {
"id": "CWE-466",
"name": "Return of Pointer Value Outside of Expected Range"
},
"notes": [
{
"category": "summary",
"text": "When parsing DNS domain names, there are no checks on whether a domain name compression pointer is pointing within the bounds of the packet, which may result in an out-of-bounds read.CVE-2020-25767 has been assigned to this vulnerability. A CVSS v3 base score of 7.5 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-25767"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "HCC recommends users apply release v4.3 or later to mitigate these vulnerabilities. For more information, contact HCC.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2021-022_en.pdf"
},
{
"category": "vendor_fix",
"details": "Additional vendors affected by the reported vulnerabilities have also released security advisories related to their affected products. Those advisories are as follows:",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2021-022_en.pdf"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002"
]
}
]
},
{
"cve": "CVE-2020-25928",
"cwe": {
"id": "CWE-130",
"name": "Improper Handling of Length Parameter Inconsistency"
},
"notes": [
{
"category": "summary",
"text": "The routine for parsing DNS response packets does not check the response data length field of individual DNS answers, which may cause an out-of-bounds read/write.CVE-2020-25928 has been assigned to this vulnerability. A CVSS v3 base score of 9.8 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-25928"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "HCC recommends users apply release v4.3 or later to mitigate these vulnerabilities. For more information, contact HCC.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2021-022_en.pdf"
},
{
"category": "vendor_fix",
"details": "Additional vendors affected by the reported vulnerabilities have also released security advisories related to their affected products. Those advisories are as follows:",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2021-022_en.pdf"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002"
]
}
]
},
{
"cve": "CVE-2020-25927",
"cwe": {
"id": "CWE-130",
"name": "Improper Handling of Length Parameter Inconsistency"
},
"notes": [
{
"category": "summary",
"text": "The number of queries or responses specified in the DNS packet header is not validated with the query/response data available in the DNS packet, leading to an out-of-bounds read.CVE-2020-25927 has been assigned to this vulnerability. A CVSS v3 base score of 8.2 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-25927"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "HCC recommends users apply release v4.3 or later to mitigate these vulnerabilities. For more information, contact HCC.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2021-022_en.pdf"
},
{
"category": "vendor_fix",
"details": "Additional vendors affected by the reported vulnerabilities have also released security advisories related to their affected products. Those advisories are as follows:",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2021-022_en.pdf"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002"
]
}
]
},
{
"cve": "CVE-2020-25926",
"cwe": {
"id": "CWE-330",
"name": "Use of Insufficiently Random Values"
},
"notes": [
{
"category": "summary",
"text": "The DNS client does not sufficiently randomize transaction IDs, facilitating DNS cache poisoning attacks.CVE-2020-25926 has been assigned to this vulnerability. A CVSS v3 base score of 4.0 has been calculated; the CVSS vector string is (AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-25926"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "HCC recommends users apply release v4.3 or later to mitigate these vulnerabilities. For more information, contact HCC.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2021-022_en.pdf"
},
{
"category": "vendor_fix",
"details": "Additional vendors affected by the reported vulnerabilities have also released security advisories related to their affected products. Those advisories are as follows:",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2021-022_en.pdf"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.0,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002"
]
}
]
},
{
"cve": "CVE-2020-35683",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "The code that parses ICMP packets relies on an unchecked value of the IP payload size to compute the ICMP checksum, which may result in an out-of-bounds read.CVE-2020-35683 has been assigned to this vulnerability. A CVSS v3 base score of 7.5 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-35683"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "HCC recommends users apply release v4.3 or later to mitigate these vulnerabilities. For more information, contact HCC.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2021-022_en.pdf"
},
{
"category": "vendor_fix",
"details": "Additional vendors affected by the reported vulnerabilities have also released security advisories related to their affected products. Those advisories are as follows:",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2021-022_en.pdf"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002"
]
}
]
},
{
"cve": "CVE-2020-35684",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "The code that parses TCP packets relies on an unchecked value of the IP payload size to compute the length of the TCP payload within the TCP checksum computation function, which may result in an out-of-bounds read.CVE-2020-35684 has been assigned to this vulnerability. A CVSS v3 base score of 7.5 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-35684"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "HCC recommends users apply release v4.3 or later to mitigate these vulnerabilities. For more information, contact HCC.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2021-022_en.pdf"
},
{
"category": "vendor_fix",
"details": "Additional vendors affected by the reported vulnerabilities have also released security advisories related to their affected products. Those advisories are as follows:",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2021-022_en.pdf"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002"
]
}
]
},
{
"cve": "CVE-2020-35685",
"cwe": {
"id": "CWE-330",
"name": "Use of Insufficiently Random Values"
},
"notes": [
{
"category": "summary",
"text": "TCP ISNs are insufficiently randomized, which may result in TCP spoofing by an attacker.CVE-2020-35685 has been assigned to this vulnerability. A CVSS v3 base score of 7.5 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-35685"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "HCC recommends users apply release v4.3 or later to mitigate these vulnerabilities. For more information, contact HCC.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2021-022_en.pdf"
},
{
"category": "vendor_fix",
"details": "Additional vendors affected by the reported vulnerabilities have also released security advisories related to their affected products. Those advisories are as follows:",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2021-022_en.pdf"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002"
]
}
]
},
{
"cve": "CVE-2021-31400",
"cwe": {
"id": "CWE-248",
"name": "Uncaught Exception"
},
"notes": [
{
"category": "summary",
"text": "The TCP urgent data processing function may invoke a panic function, which may result in an infinite loop.CVE-2021-31400 has been assigned to this vulnerability. A CVSS v3 base score of 7.5 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-31400"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "HCC recommends users apply release v4.3 or later to mitigate these vulnerabilities. For more information, contact HCC.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2021-022_en.pdf"
},
{
"category": "vendor_fix",
"details": "Additional vendors affected by the reported vulnerabilities have also released security advisories related to their affected products. Those advisories are as follows:",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2021-022_en.pdf"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002"
]
}
]
},
{
"cve": "CVE-2021-31401",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "An attacker could send a specially crafted IP packet to trigger an integer overflow due to the lack of IP length validation.CVE-2021-31401 has been assigned to this vulnerability. A CVSS v3 base score of 7.5 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-31401"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "HCC recommends users apply release v4.3 or later to mitigate these vulnerabilities. For more information, contact HCC.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2021-022_en.pdf"
},
{
"category": "vendor_fix",
"details": "Additional vendors affected by the reported vulnerabilities have also released security advisories related to their affected products. Those advisories are as follows:",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2021-022_en.pdf"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002"
]
}
]
},
{
"cve": "CVE-2021-31226",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "A potential heap buffer overflow exists in the code that parses the HTTP POST request due to lack of size validation.CVE-2021-31226 has been assigned to this vulnerability. A CVSS v3 base score of 9.1 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-31226"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "HCC recommends users apply release v4.3 or later to mitigate these vulnerabilities. For more information, contact HCC.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2021-022_en.pdf"
},
{
"category": "vendor_fix",
"details": "Additional vendors affected by the reported vulnerabilities have also released security advisories related to their affected products. Those advisories are as follows:",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2021-022_en.pdf"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002"
]
}
]
},
{
"cve": "CVE-2021-31227",
"cwe": {
"id": "CWE-839",
"name": "Numeric Range Comparison Without Minimum Check"
},
"notes": [
{
"category": "summary",
"text": "A potential heap buffer overflow exists in the code that parses the HTTP POST request due to an incorrect signed integer comparison.CVE-2021-31227 has been assigned to this vulnerability. A CVSS v3 base score of 7.5 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-31227"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "HCC recommends users apply release v4.3 or later to mitigate these vulnerabilities. For more information, contact HCC.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2021-022_en.pdf"
},
{
"category": "vendor_fix",
"details": "Additional vendors affected by the reported vulnerabilities have also released security advisories related to their affected products. Those advisories are as follows:",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2021-022_en.pdf"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002"
]
}
]
},
{
"cve": "CVE-2021-31228",
"cwe": {
"id": "CWE-340",
"name": "Generation of Predictable Numbers or Identifiers"
},
"notes": [
{
"category": "summary",
"text": "An attacker may be able to predict DNS queries \u0027 source port to then send forged DNS response packets, which may be accepted as valid answers.CVE-2021-31228 has been assigned to this vulnerability. A CVSS v3 base score of 4.0 has been calculated; the CVSS vector string is (AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-31228"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "HCC recommends users apply release v4.3 or later to mitigate these vulnerabilities. For more information, contact HCC.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2021-022_en.pdf"
},
{
"category": "vendor_fix",
"details": "Additional vendors affected by the reported vulnerabilities have also released security advisories related to their affected products. Those advisories are as follows:",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2021-022_en.pdf"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.0,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002"
]
}
]
},
{
"cve": "CVE-2021-27565",
"cwe": {
"id": "CWE-703",
"name": "Improper Check or Handling of Exceptional Conditions"
},
"notes": [
{
"category": "summary",
"text": "Unhandled HTTP requests result in an infinite loop that disrupts TCP/IP communication.CVE-2021-27565 has been assigned to this vulnerability. A CVSS v3 base score of 7.5 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-27565"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "HCC recommends users apply release v4.3 or later to mitigate these vulnerabilities. For more information, contact HCC.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2021-022_en.pdf"
},
{
"category": "vendor_fix",
"details": "Additional vendors affected by the reported vulnerabilities have also released security advisories related to their affected products. Those advisories are as follows:",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2021-022_en.pdf"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002"
]
}
]
},
{
"cve": "CVE-2021-36762",
"cwe": {
"id": "CWE-170",
"name": "Improper Null Termination"
},
"notes": [
{
"category": "summary",
"text": "The TFTP packet processing function does not ensure that the filename is null-terminated, which may result in a denial-of-service condition.CVE-2021-36762 has been assigned to this vulnerability. A CVSS v3 base score of 7.5 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-36762"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "HCC recommends users apply release v4.3 or later to mitigate these vulnerabilities. For more information, contact HCC.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2021-022_en.pdf"
},
{
"category": "vendor_fix",
"details": "Additional vendors affected by the reported vulnerabilities have also released security advisories related to their affected products. Those advisories are as follows:",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2021-022_en.pdf"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002"
]
}
]
}
]
}
ICSA-21-217-01
Vulnerability from csaf_cisa
Published
2021-08-05 00:00
Modified
2021-12-16 00:00
Summary
HCC Embedded InterNiche TCP/IP stack, NicheLite (Update B)
Notes
CISA Disclaimer
This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov
Legal Notice
All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.
Risk evaluation
Successful exploitation of these vulnerabilities may result in unauthorized access to arbitrary information, DNS cache poisoning, remote code execution, or a denial-of-service condition.
Critical infrastructure sectors
Multiple
Countries/areas deployed
Worldwide
Company headquarters location
Hungary
Recommended Practices
CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities. Specifically, users should:
Recommended Practices
CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices
Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.
Exploitability
No known public exploits specifically target these vulnerabilities.
{
"document": {
"acknowledgments": [
{
"names": [
"Amine Amri",
"Stanislav Dashevskyi",
"Daniel dos Santos"
],
"organization": "Forescout",
"summary": "reporting these vulnerabilities to CISA"
},
{
"names": [
"Asaf Karas",
"Shachar Menashe"
],
"organization": "VDOO",
"summary": "reporting these vulnerabilities to CISA"
}
],
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Disclosure is not limited",
"tlp": {
"label": "WHITE",
"url": "https://us-cert.cisa.gov/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "general",
"text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov",
"title": "CISA Disclaimer"
},
{
"category": "legal_disclaimer",
"text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
"title": "Legal Notice"
},
{
"category": "summary",
"text": "Successful exploitation of these vulnerabilities may result in unauthorized access to arbitrary information, DNS cache poisoning, remote code execution, or a denial-of-service condition.",
"title": "Risk evaluation"
},
{
"category": "other",
"text": "Multiple",
"title": "Critical infrastructure sectors"
},
{
"category": "other",
"text": "Worldwide",
"title": "Countries/areas deployed"
},
{
"category": "other",
"text": "Hungary",
"title": "Company headquarters location"
},
{
"category": "general",
"text": "CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities. Specifically, users should:",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.\nCISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.",
"title": "Recommended Practices"
},
{
"category": "other",
"text": "No known public exploits specifically target these vulnerabilities.",
"title": "Exploitability"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "Email: CISAservicedesk@cisa.dhs.gov;\n Toll Free: 1-888-282-0870",
"name": "CISA",
"namespace": "https://www.cisa.gov/"
},
"references": [
{
"category": "self",
"summary": "ICS Advisory ICSA-21-217-01 JSON",
"url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2021/icsa-21-217-01.json"
},
{
"category": "self",
"summary": "ICS Advisory ICSA-21-217-01 Web Version",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-21-217-01"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://us-cert.cisa.gov/ics/alerts/ICS-ALERT-10-301-01"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-21-217-01"
}
],
"title": "HCC Embedded InterNiche TCP/IP stack, NicheLite (Update B)",
"tracking": {
"current_release_date": "2021-12-16T00:00:00.000000Z",
"generator": {
"engine": {
"name": "CISA CSAF Generator",
"version": "1.0.0"
}
},
"id": "ICSA-21-217-01",
"initial_release_date": "2021-08-05T00:00:00.000000Z",
"revision_history": [
{
"date": "2021-08-05T00:00:00.000000Z",
"legacy_version": "Initial",
"number": "1",
"summary": "ICSA-21-217-01 HCC Embedded InterNiche TCPIP stack NicheLite"
},
{
"date": "2021-09-14T00:00:00.000000Z",
"legacy_version": "A",
"number": "2",
"summary": "ICSA-21-217-01 HCC Embedded InterNiche TCPIP stack NicheLite (Update A)"
},
{
"date": "2021-12-16T00:00:00.000000Z",
"legacy_version": "B",
"number": "3",
"summary": "ICSA-21-217-01 HCC Embedded InterNiche TCP/IP stack NicheLite (Update B)"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c 4.3",
"product": {
"name": "InterNiche stack: All versions prior to v4.3",
"product_id": "CSAFPID-0001"
}
}
],
"category": "product_name",
"name": "InterNiche stack"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c 4.3",
"product": {
"name": "NicheLite: All versions prior to v4.3",
"product_id": "CSAFPID-0002"
}
}
],
"category": "product_name",
"name": "NicheLite"
}
],
"category": "vendor",
"name": "HCC Embedded"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-25767",
"cwe": {
"id": "CWE-466",
"name": "Return of Pointer Value Outside of Expected Range"
},
"notes": [
{
"category": "summary",
"text": "When parsing DNS domain names, there are no checks on whether a domain name compression pointer is pointing within the bounds of the packet, which may result in an out-of-bounds read.CVE-2020-25767 has been assigned to this vulnerability. A CVSS v3 base score of 7.5 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-25767"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "HCC recommends users apply release v4.3 or later to mitigate these vulnerabilities. For more information, contact HCC.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2021-022_en.pdf"
},
{
"category": "vendor_fix",
"details": "Additional vendors affected by the reported vulnerabilities have also released security advisories related to their affected products. Those advisories are as follows:",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2021-022_en.pdf"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002"
]
}
]
},
{
"cve": "CVE-2020-25928",
"cwe": {
"id": "CWE-130",
"name": "Improper Handling of Length Parameter Inconsistency"
},
"notes": [
{
"category": "summary",
"text": "The routine for parsing DNS response packets does not check the response data length field of individual DNS answers, which may cause an out-of-bounds read/write.CVE-2020-25928 has been assigned to this vulnerability. A CVSS v3 base score of 9.8 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-25928"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "HCC recommends users apply release v4.3 or later to mitigate these vulnerabilities. For more information, contact HCC.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2021-022_en.pdf"
},
{
"category": "vendor_fix",
"details": "Additional vendors affected by the reported vulnerabilities have also released security advisories related to their affected products. Those advisories are as follows:",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2021-022_en.pdf"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002"
]
}
]
},
{
"cve": "CVE-2020-25927",
"cwe": {
"id": "CWE-130",
"name": "Improper Handling of Length Parameter Inconsistency"
},
"notes": [
{
"category": "summary",
"text": "The number of queries or responses specified in the DNS packet header is not validated with the query/response data available in the DNS packet, leading to an out-of-bounds read.CVE-2020-25927 has been assigned to this vulnerability. A CVSS v3 base score of 8.2 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-25927"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "HCC recommends users apply release v4.3 or later to mitigate these vulnerabilities. For more information, contact HCC.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2021-022_en.pdf"
},
{
"category": "vendor_fix",
"details": "Additional vendors affected by the reported vulnerabilities have also released security advisories related to their affected products. Those advisories are as follows:",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2021-022_en.pdf"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002"
]
}
]
},
{
"cve": "CVE-2020-25926",
"cwe": {
"id": "CWE-330",
"name": "Use of Insufficiently Random Values"
},
"notes": [
{
"category": "summary",
"text": "The DNS client does not sufficiently randomize transaction IDs, facilitating DNS cache poisoning attacks.CVE-2020-25926 has been assigned to this vulnerability. A CVSS v3 base score of 4.0 has been calculated; the CVSS vector string is (AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-25926"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "HCC recommends users apply release v4.3 or later to mitigate these vulnerabilities. For more information, contact HCC.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2021-022_en.pdf"
},
{
"category": "vendor_fix",
"details": "Additional vendors affected by the reported vulnerabilities have also released security advisories related to their affected products. Those advisories are as follows:",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2021-022_en.pdf"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.0,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002"
]
}
]
},
{
"cve": "CVE-2020-35683",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "The code that parses ICMP packets relies on an unchecked value of the IP payload size to compute the ICMP checksum, which may result in an out-of-bounds read.CVE-2020-35683 has been assigned to this vulnerability. A CVSS v3 base score of 7.5 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-35683"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "HCC recommends users apply release v4.3 or later to mitigate these vulnerabilities. For more information, contact HCC.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2021-022_en.pdf"
},
{
"category": "vendor_fix",
"details": "Additional vendors affected by the reported vulnerabilities have also released security advisories related to their affected products. Those advisories are as follows:",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2021-022_en.pdf"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002"
]
}
]
},
{
"cve": "CVE-2020-35684",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "The code that parses TCP packets relies on an unchecked value of the IP payload size to compute the length of the TCP payload within the TCP checksum computation function, which may result in an out-of-bounds read.CVE-2020-35684 has been assigned to this vulnerability. A CVSS v3 base score of 7.5 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-35684"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "HCC recommends users apply release v4.3 or later to mitigate these vulnerabilities. For more information, contact HCC.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2021-022_en.pdf"
},
{
"category": "vendor_fix",
"details": "Additional vendors affected by the reported vulnerabilities have also released security advisories related to their affected products. Those advisories are as follows:",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2021-022_en.pdf"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002"
]
}
]
},
{
"cve": "CVE-2020-35685",
"cwe": {
"id": "CWE-330",
"name": "Use of Insufficiently Random Values"
},
"notes": [
{
"category": "summary",
"text": "TCP ISNs are insufficiently randomized, which may result in TCP spoofing by an attacker.CVE-2020-35685 has been assigned to this vulnerability. A CVSS v3 base score of 7.5 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-35685"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "HCC recommends users apply release v4.3 or later to mitigate these vulnerabilities. For more information, contact HCC.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2021-022_en.pdf"
},
{
"category": "vendor_fix",
"details": "Additional vendors affected by the reported vulnerabilities have also released security advisories related to their affected products. Those advisories are as follows:",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2021-022_en.pdf"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002"
]
}
]
},
{
"cve": "CVE-2021-31400",
"cwe": {
"id": "CWE-248",
"name": "Uncaught Exception"
},
"notes": [
{
"category": "summary",
"text": "The TCP urgent data processing function may invoke a panic function, which may result in an infinite loop.CVE-2021-31400 has been assigned to this vulnerability. A CVSS v3 base score of 7.5 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-31400"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "HCC recommends users apply release v4.3 or later to mitigate these vulnerabilities. For more information, contact HCC.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2021-022_en.pdf"
},
{
"category": "vendor_fix",
"details": "Additional vendors affected by the reported vulnerabilities have also released security advisories related to their affected products. Those advisories are as follows:",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2021-022_en.pdf"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002"
]
}
]
},
{
"cve": "CVE-2021-31401",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "An attacker could send a specially crafted IP packet to trigger an integer overflow due to the lack of IP length validation.CVE-2021-31401 has been assigned to this vulnerability. A CVSS v3 base score of 7.5 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-31401"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "HCC recommends users apply release v4.3 or later to mitigate these vulnerabilities. For more information, contact HCC.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2021-022_en.pdf"
},
{
"category": "vendor_fix",
"details": "Additional vendors affected by the reported vulnerabilities have also released security advisories related to their affected products. Those advisories are as follows:",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2021-022_en.pdf"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002"
]
}
]
},
{
"cve": "CVE-2021-31226",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "A potential heap buffer overflow exists in the code that parses the HTTP POST request due to lack of size validation.CVE-2021-31226 has been assigned to this vulnerability. A CVSS v3 base score of 9.1 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-31226"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "HCC recommends users apply release v4.3 or later to mitigate these vulnerabilities. For more information, contact HCC.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2021-022_en.pdf"
},
{
"category": "vendor_fix",
"details": "Additional vendors affected by the reported vulnerabilities have also released security advisories related to their affected products. Those advisories are as follows:",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2021-022_en.pdf"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002"
]
}
]
},
{
"cve": "CVE-2021-31227",
"cwe": {
"id": "CWE-839",
"name": "Numeric Range Comparison Without Minimum Check"
},
"notes": [
{
"category": "summary",
"text": "A potential heap buffer overflow exists in the code that parses the HTTP POST request due to an incorrect signed integer comparison.CVE-2021-31227 has been assigned to this vulnerability. A CVSS v3 base score of 7.5 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-31227"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "HCC recommends users apply release v4.3 or later to mitigate these vulnerabilities. For more information, contact HCC.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2021-022_en.pdf"
},
{
"category": "vendor_fix",
"details": "Additional vendors affected by the reported vulnerabilities have also released security advisories related to their affected products. Those advisories are as follows:",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2021-022_en.pdf"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002"
]
}
]
},
{
"cve": "CVE-2021-31228",
"cwe": {
"id": "CWE-340",
"name": "Generation of Predictable Numbers or Identifiers"
},
"notes": [
{
"category": "summary",
"text": "An attacker may be able to predict DNS queries \u0027 source port to then send forged DNS response packets, which may be accepted as valid answers.CVE-2021-31228 has been assigned to this vulnerability. A CVSS v3 base score of 4.0 has been calculated; the CVSS vector string is (AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-31228"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "HCC recommends users apply release v4.3 or later to mitigate these vulnerabilities. For more information, contact HCC.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2021-022_en.pdf"
},
{
"category": "vendor_fix",
"details": "Additional vendors affected by the reported vulnerabilities have also released security advisories related to their affected products. Those advisories are as follows:",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2021-022_en.pdf"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.0,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002"
]
}
]
},
{
"cve": "CVE-2021-27565",
"cwe": {
"id": "CWE-703",
"name": "Improper Check or Handling of Exceptional Conditions"
},
"notes": [
{
"category": "summary",
"text": "Unhandled HTTP requests result in an infinite loop that disrupts TCP/IP communication.CVE-2021-27565 has been assigned to this vulnerability. A CVSS v3 base score of 7.5 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-27565"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "HCC recommends users apply release v4.3 or later to mitigate these vulnerabilities. For more information, contact HCC.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2021-022_en.pdf"
},
{
"category": "vendor_fix",
"details": "Additional vendors affected by the reported vulnerabilities have also released security advisories related to their affected products. Those advisories are as follows:",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2021-022_en.pdf"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002"
]
}
]
},
{
"cve": "CVE-2021-36762",
"cwe": {
"id": "CWE-170",
"name": "Improper Null Termination"
},
"notes": [
{
"category": "summary",
"text": "The TFTP packet processing function does not ensure that the filename is null-terminated, which may result in a denial-of-service condition.CVE-2021-36762 has been assigned to this vulnerability. A CVSS v3 base score of 7.5 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-36762"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "HCC recommends users apply release v4.3 or later to mitigate these vulnerabilities. For more information, contact HCC.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2021-022_en.pdf"
},
{
"category": "vendor_fix",
"details": "Additional vendors affected by the reported vulnerabilities have also released security advisories related to their affected products. Those advisories are as follows:",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2021-022_en.pdf"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002"
]
}
]
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…