Vulnerabilities > CVE-2025-29931

CVSS 3.7 - LOW

Attack vector

NETWORK

Attack complexity

HIGH

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

LOW

network

high complexity

CWE-130

NVD

Published: 2025-04-17

Updated: 2025-04-17

Summary

A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). The affected product does not properly validate a length field in a serialized message which it uses to determine the amount of memory to be allocated for deserialization. This could allow an unauthenticated remote attacker to cause the application to allocate exhaustive amounts of memory and subsequently create a partial denial of service condition. Successful exploitation is only possible in redundant Telecontrol Server Basic setups and only if the connection between the redundant servers has been disrupted.

Common Weakness Enumeration (CWE)

CWE-130 - Improper Handling of Length Parameter Inconsistency

Common Attack Pattern Enumeration and Classification (CAPEC)

Buffer Overflow via Parameter Expansion
In this attack, the target software is given input that the attacker knows will be modified and expanded in size during processing. This attack relies on the target software failing to anticipate that the expanded data may exceed some internal limit, thereby creating a buffer overflow.

References

https://cert-portal.siemens.com/productcert/html/ssa-395348.html

Vulnerabilities > CVE-2025-29931 {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"CVE-2025-29931"}]}

Summary

Common Weakness Enumeration (CWE)

Common Attack Pattern Enumeration and Classification (CAPEC)

References

Vulnerabilities > CVE-2025-29931