7.5
CVE-2021-37205
- EPSS 1.14%
- Published 09.02.2022 16:15:13
- Last modified 21.11.2024 06:14:51
- Source productcert@siemens.com
- Teams watchlist Login
- Open Login
A vulnerability has been identified in SIMATIC Drive Controller family (All versions >= V2.9.2 < V2.9.4), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions >= V21.9 < V21.9.4), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions >= V4.5.0 < V4.5.2), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions >= V2.9.2 < V2.9.4), SIMATIC S7-1500 Software Controller (All versions >= V21.9 < V21.9.4), SIMATIC S7-PLCSIM Advanced (All versions >= V4.0 < V4.0 SP1), SIPLUS TIM 1531 IRC (All versions < V2.3.6), TIM 1531 IRC (All versions < V2.3.6). An unauthenticated attacker could cause a denial-of-service condition in a PLC when sending specially prepared packets over port 102/tcp. A restart of the affected device is needed to restore normal operations.
Data is provided by the National Vulnerability Database (NVD)
Siemens ≫ Simatic Drive Controller Cpu 1504d Tf Firmware Version < 2.9.4
Siemens ≫ Simatic Drive Controller Cpu 1507d Tf Firmware Version < 2.9.4
Siemens ≫ Simatic S7-plcsim Advanced Firmware Version < 4.0
Siemens ≫ Simatic S7-plcsim Advanced Firmware Version4.0 Update-
Siemens ≫ Tim 1531 Irc Firmware Version >= 2.2
Siemens ≫ Simatic S7-1200 Cpu 1211c Firmware Version >= 4.5.0 < 4.5.2
Siemens ≫ Simatic S7-1200 Cpu 1212c Firmware Version >= 4.5.0 < 4.5.2
Siemens ≫ Simatic S7-1200 Cpu 1212fc Firmware Version >= 4.5.0 < 4.5.2
Siemens ≫ Simatic S7-1200 Cpu 1214fc Firmware Version >= 4.5.0 < 4.5.2
Siemens ≫ Simatic S7-1200 Cpu 1214c Firmware Version >= 4.5.0 < 4.5.2
Siemens ≫ Simatic S7-1200 Cpu 1215fc Firmware Version >= 4.5.0 < 4.5.2
Siemens ≫ Simatic S7-1200 Cpu 1215c Firmware Version >= 4.5.0 < 4.5.2
Siemens ≫ Simatic S7-1200 Cpu 1217c Firmware Version >= 4.5.0 < 4.5.2
Siemens ≫ Simatic S7-1500 Cpu 1510sp-1 Firmware Version >= 2.9.2 < 2.9.4
Siemens ≫ Simatic S7-1500 Cpu 1510sp Firmware Version >= 2.9.2 < 2.9.4
Siemens ≫ Simatic S7-1500 Cpu 1511-1 Firmware Version >= 2.9.2 < 2.9.4
Siemens ≫ Simatic S7-1500 Cpu 1511c-1 Firmware Version >= 2.9.2 < 2.9.4
Siemens ≫ Simatic S7-1500 Cpu 1511f-1 Firmware Version >= 2.9.2 < 2.9.4
Siemens ≫ Simatic S7-1500 Cpu 1511t-1 Firmware Version >= 2.9.2 < 2.9.4
Siemens ≫ Simatic S7-1500 Cpu 1511tf-1 Firmware Version >= 2.9.2 < 2.9.4
Siemens ≫ Simatic S7-1500 Cpu 1512c-1 Firmware Version >= 2.9.2 < 2.9.4
Siemens ≫ Simatic S7-1500 Cpu 1512sp-1 Firmware Version >= 2.9.2 < 2.9.4
Siemens ≫ Simatic S7-1500 Cpu 1512spf-1 Firmware Version >= 2.9.2 < 2.9.4
Siemens ≫ Simatic S7-1500 Cpu 1513-1 Firmware Version >= 2.9.2 < 2.9.4
Siemens ≫ Simatic S7-1500 Cpu 1513f-1 Firmware Version >= 2.9.2 < 2.9.4
Siemens ≫ Simatic S7-1500 Cpu 1513r-1 Firmware Version >= 2.9.2 < 2.9.4
Siemens ≫ Simatic S7-1500 Cpu Cpu 1513prof-2 Firmware Version >= 2.9.2 < 2.9.4
Siemens ≫ Simatic S7-1500 Cpu Cpu 1513pro-2 Firmware Version >= 2.9.2 < 2.9.4
Siemens ≫ Simatic S7-1500 Cpu 1515-2 Firmware Version >= 2.9.2 < 2.9.4
Siemens ≫ Simatic S7-1500 Cpu 1515f-2 Firmware Version >= 2.9.2 < 2.9.4
Siemens ≫ Simatic S7-1500 Cpu 1515r-2 Firmware Version >= 2.9.2 < 2.9.4
Siemens ≫ Simatic S7-1500 Cpu 1515t-2 Firmware Version >= 2.9.2 < 2.9.4
Siemens ≫ Simatic S7-1500 Cpu 1515tf-2 Firmware Version >= 2.9.2 < 2.9.4
Siemens ≫ Simatic S7-1500 Cpu 1516pro F Firmware Version >= 2.9.2 < 2.9.4
Siemens ≫ Simatic S7-1500 Cpu 1516pro-2 Firmware Version >= 2.9.2 < 2.9.4
Siemens ≫ Simatic S7-1500 Cpu 1516-3 Firmware Version >= 2.9.2 < 2.9.4
Siemens ≫ Simatic S7-1500 Cpu 1516f-3 Firmware Version >= 2.9.2 < 2.9.4
Siemens ≫ Simatic S7-1500 Cpu 1516t-3 Firmware Version >= 2.9.2 < 2.9.4
Siemens ≫ Simatic S7-1500 Cpu 1516tf-3 Firmware Version >= 2.9.2 < 2.9.4
Siemens ≫ Simatic S7-1500 Cpu 1517-3 Firmware Version >= 2.9.2 < 2.9.4
Siemens ≫ Simatic S7-1500 Cpu 1517f-3 Firmware Version >= 2.9.2 < 2.9.4
Siemens ≫ Simatic S7-1500 Cpu 1517tf-3 Firmware Version >= 2.9.2 < 2.9.4
Siemens ≫ Simatic S7-1500 Cpu 1518-4 Firmware Version >= 2.9.2 < 2.9.4
Siemens ≫ Simatic S7-1500 Cpu 1518f-4 Firmware Version >= 2.9.2 < 2.9.4
Siemens ≫ Simatic S7-1500 Cpu 1518hf-4 Firmware Version >= 2.9.2 < 2.9.4
Siemens ≫ Simatic S7-1500 Cpu 1518t-4 Firmware Version >= 2.9.2 < 2.9.4
Siemens ≫ Simatic S7-1500 Cpu 1518tf-4 Firmware Version >= 2.9.2 < 2.9.4
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.14% | 0.772 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 7.1 | 8.6 | 6.9 |
AV:N/AC:M/Au:N/C:N/I:N/A:C
|
| nvd@nist.gov | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
|
| productcert@siemens.com | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
|
CWE-401 Missing Release of Memory after Effective Lifetime
The product does not sufficiently track and release allocated memory after it has been used, which slowly consumes remaining memory.