Vulnerabilities > CVE-2021-37740 - Unspecified vulnerability in MDT Scn-Ip000.03 Firmware and Scn-Ip100.03 Firmware
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
HIGH Summary
A denial of service vulnerability exists in MDT's firmware for the KNXnet/IP Secure router SCN-IP100.03 and KNX IP interface SCN-IP000.03 before v3.0.4, that allows a remote attacker to turn the device unresponsive to all requests on the KNXnet/IP Secure layer, until the device is rebooted, via a SESSION_REQUEST frame with a modified total length field.
Vulnerable Configurations
References
- https://github.com/robertguetzkow/CVE-2021-37740
- https://github.com/robertguetzkow/CVE-2021-37740
- https://www.mdt.de/download/MDT_CL_SCN_IP_03_IP_Interface_Router.pdf
- https://www.mdt.de/download/MDT_CL_SCN_IP_03_IP_Interface_Router.pdf
- https://www.mdt.de/EN_IP_Interface_Router.html
- https://www.mdt.de/EN_IP_Interface_Router.html