Vulnerabilities > CVE-2021-37740 - Unspecified vulnerability in MDT Scn-Ip000.03 Firmware and Scn-Ip100.03 Firmware

CVSS 7.8 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

COMPLETE

network

low complexity

mdt

NVD

Published: 2022-04-20

Updated: 2022-05-03

Summary

A denial of service vulnerability exists in MDT's firmware for the KNXnet/IP Secure router SCN-IP100.03 and KNX IP interface SCN-IP000.03 before v3.0.4, that allows a remote attacker to turn the device unresponsive to all requests on the KNXnet/IP Secure layer, until the device is rebooted, via a SESSION_REQUEST frame with a modified total length field.

Vulnerable Configurations

Part	Description	Count
OS	Mdt MDT SCN Ip000.03 Firmware - MDT SCN Ip000.03 Firmware 3.0.0 MDT SCN Ip000.03 Firmware 3.0.1 MDT SCN Ip000.03 Firmware 3.0.2 MDT SCN Ip000.03 Firmware 3.0.3 MDT SCN Ip100.03 Firmware - MDT SCN Ip100.03 Firmware 3.0.0 MDT SCN Ip100.03 Firmware 3.0.1 MDT SCN Ip100.03 Firmware 3.0.2 MDT SCN Ip100.03 Firmware 3.0.3	10
Hardware	Mdt MDT SCN Ip000.03 - MDT SCN Ip100.03 -	2

Summary

Vulnerable Configurations

References