Vulnerabilities > CVE-2021-25674 - NULL Pointer Dereference vulnerability in Siemens Simatic S7-Plcsim 5.4

CVSS 2.1 - LOW

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

PARTIAL

local

low complexity

siemens

CWE-476

NVD

Published: 2021-03-15

Updated: 2021-03-18

Summary

A vulnerability has been identified in SIMATIC S7-PLCSIM V5.4 (All versions). An attacker with local access to the system could cause a Denial-of-Service condition in the application when it is used to open a specially crafted file. As a consequence, a NULL pointer deference condition could cause the application to terminate unexpectedly and must be restarted to restore the service.

Vulnerable Configurations

Part	Description	Count
Application	Siemens Siemens Simatic S7 Plcsim 5.4	1

Common Weakness Enumeration (CWE)

CWE-476 - NULL Pointer Dereference

References

https://cert-portal.siemens.com/productcert/pdf/ssa-256092.pdf