CVE-2021-31885

EPSS 0.39%
Published 09.11.2021 12:15:09
Last modified 21.11.2024 06:06:25
Source productcert@siemens.com
Teams watchlist Login
Open Login

A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC) (P2 Ethernet) (All versions), APOGEE MEC (PPC) (BACnet) (All versions), APOGEE MEC (PPC) (P2 Ethernet) (All versions), APOGEE PXC Compact (BACnet) (All versions < V3.5.4), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.19), APOGEE PXC Modular (BACnet) (All versions < V3.5.4), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.19), Desigo PXC00-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC00-U (All versions >= V2.3 and < V6.30.016), Desigo PXC001-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC100-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC12-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC128-U (All versions >= V2.3 and < V6.30.016), Desigo PXC200-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC22-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC22.1-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC36.1-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC50-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC64-U (All versions >= V2.3 and < V6.30.016), Desigo PXM20-E (All versions >= V2.3 and < V6.30.016), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.4), Nucleus ReadyStart V4 (All versions < V4.1.1), Nucleus Source Code (All versions), PLUSCONTROL 1st Gen (All versions), TALON TC Compact (BACnet) (All versions < V3.5.4), TALON TC Modular (BACnet) (All versions < V3.5.4). TFTP server application allows for reading the contents of the TFTP memory buffer via sending malformed TFTP commands. (FSMD-2021-0009)

Affected products Warnungen 0 Metrics 3 CWE 1 References 6

Data is provided by the National Vulnerability Database (NVD)

Siemens ≫ Capital Vstar

Siemens ≫ Nucleus Net

Siemens ≫ Nucleus Readystart V3 Version < 2017.02.4

Siemens ≫ Nucleus Readystart V4 Version < 4.1.1

Siemens ≫ Nucleus Source Code

Siemens ≫ Apogee Modular Building Controller Firmware

Siemens ≫ Apogee Modular Building Controller Version-

Siemens ≫ Apogee Modular Equiment Controller Firmware

Siemens ≫ Apogee Modular Equiment Controller Version-

Siemens ≫ Apogee Pxc Compact Firmware

Siemens ≫ Apogee Pxc Compact Version-

Siemens ≫ Apogee Pxc Modular Firmware

Siemens ≫ Apogee Pxc Modular Version-

Siemens ≫ Talon Tc Compact Firmware

Siemens ≫ Talon Tc Compact Version-

Siemens ≫ Talon Tc Modular Firmware

Siemens ≫ Talon Tc Modular Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.39%	0.587

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
nvd@nist.gov	5	10	2.9	AV:N/AC:L/Au:N/C:P/I:N/A:N

CWE-805 Buffer Access with Incorrect Length Value

The product uses a sequential operation to read or write a buffer, but it uses an incorrect length value that causes it to access memory that is outside of the bounds of the buffer.

https://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf

Vendor Advisory

https://cert-portal.siemens.com/productcert/pdf/ssa-114589.pdf

Vendor Advisory

https://cert-portal.siemens.com/productcert/pdf/ssa-845392.pdf

https://nvd.nist.gov/vuln/detail/CVE-2021-31885

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2021-31885

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2021-31885

EUVD