7.5
CVE-2021-40142
- EPSS 0.68%
- Published 27.08.2021 07:15:08
- Last modified 21.11.2024 06:23:38
- Source cve@mitre.org
- Teams watchlist Login
- Open Login
In OPC Foundation Local Discovery Server (LDS) before 1.04.402.463, remote attackers can cause a denial of service (DoS) by sending carefully crafted messages that lead to Access of a Memory Location After the End of a Buffer.
Data is provided by the National Vulnerability Database (NVD)
Opcfoundation ≫ Local Discover Server Version < 1.04.402.463
Siemens ≫ Simatic Process Historian Opc Ua Server Firmware Version < 2022
Siemens ≫ Simatic Process Historian Opc Ua Server Firmware Version2022 Update-
Siemens ≫ Simatic Net Pc Version14 Update-
Siemens ≫ Simatic Net Pc Version15 Update-
Siemens ≫ Simatic Net Pc Version16 Update-
Siemens ≫ Simatic Net Pc Version17 Update-
Siemens ≫ Simatic Wincc Version-
Siemens ≫ Simatic Wincc Runtime Version- SwEditionprofessional
Siemens ≫ Simatic Wincc Unified Scada Runtime Version-
Siemens ≫ Telecontrol Server Basic Version3.0
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.68% | 0.707 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:N/I:N/A:P
|
| cve@mitre.org | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
|
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.