Vulnerabilities > CVE-2021-31890 - Improper Handling of Inconsistent Structural Elements vulnerability in Siemens products

CVSS 9.1 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

NONE

Availability impact

HIGH

network

low complexity

siemens

CWE-240

critical

NVD

Published: 2021-11-09

Updated: 2024-10-08

Summary

A vulnerability has been identified in Capital Embedded AR Classic 431-422 (All versions), Capital Embedded AR Classic R20-11 (All versions < V2303), PLUSCONTROL 1st Gen (All versions), SIMOTICS CONNECT 400 (All versions < V0.5.0.0), SIMOTICS CONNECT 400 (All versions < V1.0.0.0). The total length of an TCP payload (set in the IP header) is unchecked. This may lead to various side effects, including Information Leak and Denial-of-Service conditions, depending on the network buffer organization in memory. (FSMD-2021-0017)

Vulnerable Configurations

Part	Description	Count
Application	Siemens Siemens Nucleus Source Code * Siemens Nucleus NET * Siemens Capital Vstar * Siemens Nucleus Readystart V3 2013.08 Siemens Nucleus Readystart V3 2017.02.3 Siemens Nucleus Readystart V4 4.1.0	6
OS	Siemens Siemens Apogee Modular Building Controller Firmware * Siemens Apogee Modular Equiment Controller Firmware * Siemens Apogee PXC Compact Firmware * Siemens Apogee PXC Modular Firmware * Siemens Talon TC Compact Firmware * Siemens Talon TC Modular Firmware *	6
Hardware	Siemens Siemens Apogee Modular Building Controller - Siemens Apogee Modular Equiment Controller - Siemens Apogee PXC Compact - Siemens Apogee PXC Modular - Siemens Talon TC Compact - Siemens Talon TC Modular -	6

Common Weakness Enumeration (CWE)

CWE-240 - Improper Handling of Inconsistent Structural Elements

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

References