Vulnerabilities > CVE-2021-25675 - Divide By Zero vulnerability in Siemens Simatic S7-Plcsim 5.4

CVSS 5.5 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

local

low complexity

siemens

CWE-369

NVD

Published: 2021-03-15

Updated: 2021-03-18

Summary

A vulnerability has been identified in SIMATIC S7-PLCSIM V5.4 (All versions). An attacker with local access to the system could cause a Denial-of-Service condition in the application when it is used to open a specially crafted file. As a consequence, a divide by zero operation could occur and cause the application to terminate unexpectedly and must be restarted to restore the service.

Vulnerable Configurations

Part	Description	Count
Application	Siemens Siemens Simatic S7 Plcsim 5.4	1

Common Weakness Enumeration (CWE)

CWE-369 - Divide By Zero

References

https://cert-portal.siemens.com/productcert/pdf/ssa-256092.pdf