Lucene search

[email protected]CVE-2021-31895

HistoryJul 13, 2021 - 11:15 a.m.

CVE-2021-31895

2021-07-1311:15:09

CWE-787

CWE-120

[email protected]

web.nvd.nist.gov

cve-2021-31895

ruggedcom ros

dhcp client

remote code execution

vulnerability

security advisory

nvd

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.5 High

AI Score

Confidence

High

0.006 Low

EPSS

Percentile

77.8%

JSON

A vulnerability has been identified in RUGGEDCOM ROS M2100 (All versions < V4.3.7), RUGGEDCOM ROS M2200 (All versions < V4.3.7), RUGGEDCOM ROS M969 (All versions < V4.3.7), RUGGEDCOM ROS RMC (All versions < V4.3.7), RUGGEDCOM ROS RMC20 (All versions < V4.3.7), RUGGEDCOM ROS RMC30 (All versions < V4.3.7), RUGGEDCOM ROS RMC40 (All versions < V4.3.7), RUGGEDCOM ROS RMC41 (All versions < V4.3.7), RUGGEDCOM ROS RMC8388 V4.X (All versions < V4.3.7), RUGGEDCOM ROS RMC8388 V5.X (All versions < V5.5.4), RUGGEDCOM ROS RP110 (All versions < V4.3.7), RUGGEDCOM ROS RS400 (All versions < V4.3.7), RUGGEDCOM ROS RS401 (All versions < V4.3.7), RUGGEDCOM ROS RS416 (All versions < V4.3.7), RUGGEDCOM ROS RS416v2 V4.X (All versions < V4.3.7), RUGGEDCOM ROS RS416v2 V5.X (All versions < 5.5.4), RUGGEDCOM ROS RS8000 (All versions < V4.3.7), RUGGEDCOM ROS RS8000A (All versions < V4.3.7), RUGGEDCOM ROS RS8000H (All versions < V4.3.7), RUGGEDCOM ROS RS8000T (All versions < V4.3.7), RUGGEDCOM ROS RS900 (32M) V4.X (All versions < V4.3.7), RUGGEDCOM ROS RS900 (32M) V5.X (All versions < V5.5.4), RUGGEDCOM ROS RS900G (All versions < V4.3.7), RUGGEDCOM ROS RS900G (32M) V4.X (All versions < V4.3.7), RUGGEDCOM ROS RS900G (32M) V5.X (All versions < V5.5.4), RUGGEDCOM ROS RS900GP (All versions < V4.3.7), RUGGEDCOM ROS RS900L (All versions < V4.3.7), RUGGEDCOM ROS RS900W (All versions < V4.3.7), RUGGEDCOM ROS RS910 (All versions < V4.3.7), RUGGEDCOM ROS RS910L (All versions < V4.3.7), RUGGEDCOM ROS RS910W (All versions < V4.3.7), RUGGEDCOM ROS RS920L (All versions < V4.3.7), RUGGEDCOM ROS RS920W (All versions < V4.3.7), RUGGEDCOM ROS RS930L (All versions < V4.3.7), RUGGEDCOM ROS RS930W (All versions < V4.3.7), RUGGEDCOM ROS RS940G (All versions < V4.3.7), RUGGEDCOM ROS RS969 (All versions < V4.3.7), RUGGEDCOM ROS RSG2100 (32M) V4.X (All versions < V4.3.7), RUGGEDCOM ROS RSG2100 (32M) V5.X (All versions < V5.5.4), RUGGEDCOM ROS RSG2100 V4.X (All versions < V4.3.7), RUGGEDCOM ROS RSG2100P (All versions < V4.3.7), RUGGEDCOM ROS RSG2100P (32M) V4.X (All versions < V4.3.7), RUGGEDCOM ROS RSG2100P (32M) V5.X (All versions < V5.5.4), RUGGEDCOM ROS RSG2200 (All versions < V4.3.7), RUGGEDCOM ROS RSG2288 V4.X (All versions < V4.3.7), RUGGEDCOM ROS RSG2288 V5.X (All versions < V5.5.4), RUGGEDCOM ROS RSG2300 V4.X (All versions < V4.3.7), RUGGEDCOM ROS RSG2300 V5.X (All versions < V5.5.4), RUGGEDCOM ROS RSG2300P V4.X (All versions < V4.3.7), RUGGEDCOM ROS RSG2300P V5.X (All versions < V5.5.4), RUGGEDCOM ROS RSG2488 V4.X (All versions < V4.3.7), RUGGEDCOM ROS RSG2488 V5.X (All versions < V5.5.4), RUGGEDCOM ROS RSG900 V4.X (All versions < V4.3.7), RUGGEDCOM ROS RSG900 V5.X (All versions < V5.5.4), RUGGEDCOM ROS RSG900C (All versions < V5.5.4), RUGGEDCOM ROS RSG900G V4.X (All versions < V4.3.7), RUGGEDCOM ROS RSG900G V5.X (All versions < V5.5.4), RUGGEDCOM ROS RSG900R (All versions < V5.5.4), RUGGEDCOM ROS RSG920P V4.X (All versions < V4.3.7), RUGGEDCOM ROS RSG920P V5.X (All versions < V5.5.4), RUGGEDCOM ROS RSL910 (All versions < V5.5.4), RUGGEDCOM ROS RST2228 (All versions < V5.5.4), RUGGEDCOM ROS RST916C (All versions < V5.5.4), RUGGEDCOM ROS RST916P (All versions < V5.5.4), RUGGEDCOM ROS i800 (All versions < V4.3.7), RUGGEDCOM ROS i801 (All versions < V4.3.7), RUGGEDCOM ROS i802 (All versions < V4.3.7), RUGGEDCOM ROS i803 (All versions < V4.3.7). The DHCP client in affected devices fails to properly sanitize incoming DHCP packets. This could allow an unauthenticated remote attacker to cause memory to be overwritten, potentially allowing remote code execution.

Affected configurations

NVD

Node

siemensruggedcom_ros_i800Range<4.3.7

AND

siemensruggedcom_i800Match-

Node

siemensruggedcom_ros_i801Range<4.3.7

AND

siemensruggedcom_i801Match-

Node

siemensruggedcom_ros_i802Range<4.3.7

AND

siemensruggedcom_i802Match-

Node

siemensruggedcom_ros_i803Range<4.3.7

AND

siemensruggedcom_i803Match-

Node

siemensruggedcom_ros_m969Range<4.3.7

AND

siemensruggedcom_m969Match-

Node

siemensruggedcom_ros_m2100Range<4.3.7

AND

siemensruggedcom_m2100Match-

Node

siemensruggedcom_ros_m2200Range<4.3.7

AND

siemensruggedcom_m2200Match-

Node

siemensruggedcom_ros_rmcRange<4.3.7

AND

siemensruggedcom_rmcMatch-

Node

siemensruggedcom_ros_rmc20Range<4.3.7

AND

siemensruggedcom_rmc20Match-

Node

siemensruggedcom_ros_rmc30Range<4.3.7

AND

siemensruggedcom_rmc30Match-

Node

siemensruggedcom_ros_rmc40Range<4.3.7

AND

siemensruggedcom_rmc40Match-

Node

siemensruggedcom_ros_rmc41Range<4.3.7

AND

siemensruggedcom_rmc41Match-

Node

siemensruggedcom_ros_rmc8388Range<4.3.7

siemensruggedcom_ros_rmc8388Range5.0.0–5.5.4

AND

siemensruggedcom_rmc8388Match-

Node

siemensruggedcom_ros_rp110Range<4.3.7

AND

siemensruggedcom_rp110Match-

Node

siemensruggedcom_ros_rs400Range<4.3.7

AND

siemensruggedcom_rs400Match-

Node

siemensruggedcom_ros_rs401Range<4.3.7

AND

siemensruggedcom_rs401Match-

Node

siemensruggedcom_ros_rs416Range<4.3.7

AND

siemensruggedcom_rs416Match-

Node

siemensruggedcom_ros_rs416v2Range<4.3.7

siemensruggedcom_ros_rs416v2Range5.5.0–5.5.4

AND

siemensruggedcom_rs416v2Match-

Node

siemensruggedcom_ros_rs900Range<4.3.7

siemensruggedcom_ros_rs900Range5.0.0–5.5.4

AND

siemensruggedcom_rs900Match-

Node

siemensruggedcom_ros_rs900gRange<4.3.7

siemensruggedcom_ros_rs900gRange5.0.0–5.5.4

AND

siemensruggedcom_rs900gMatch-

Node

siemensruggedcom_ros_rs900gpRange<4.3.7

AND

siemensruggedcom_rs900gpMatch-

Node

siemensruggedcom_ros_rs900lRange<4.3.7

AND

siemensruggedcom_rs900lMatch-

Node

siemensruggedcom_ros_rs900wRange<4.3.7

AND

siemensruggedcom_rs900wMatch-

Node

siemensruggedcom_ros_rs910Range<4.3.7

AND

siemensruggedcom_rs910Match-

Node

siemensruggedcom_ros_rs910lRange<4.3.7

AND

siemensruggedcom_rs910lMatch-

Node

siemensruggedcom_ros_rs910wRange<4.3.7

AND

siemensruggedcom_rs910wMatch-

Node

siemensruggedcom_ros_rs920lRange<4.3.7

AND

siemensruggedcom_rs920lMatch-

Node

siemensruggedcom_ros_rs920wRange<4.3.7

AND

siemensruggedcom_rs920wMatch-

Node

siemensruggedcom_ros_rs930lRange<4.3.7

AND

siemensruggedcom_rs930lMatch-

Node

siemensruggedcom_ros_rs930wRange<4.3.7

AND

siemensruggedcom_rs930wMatch-

Node

siemensruggedcom_ros_rs940gRange<4.3.7

AND

siemensruggedcom_rs940gMatch-

Node

siemensruggedcom_ros_rs969Range<4.3.7

AND

siemensruggedcom_rs969Match-

Node

siemensruggedcom_ros_rs8000Range<4.3.7

AND

siemensruggedcom_rs8000Match-

Node

siemensruggedcom_ros_rs8000aRange<4.3.7

AND

siemensruggedcom_rs8000aMatch-

Node

siemensruggedcom_ros_rs8000hRange<4.3.7

AND

siemensruggedcom_rs8000hMatch-

Node

siemensruggedcom_ros_rs8000tRange<4.3.7

AND

siemensruggedcom_rs8000tMatch-

Node

siemensruggedcom_ros_rsg900Range<4.3.7

siemensruggedcom_ros_rsg900Range5.5.0–5.5.4

AND

siemensruggedcom_rsg900Match-

Node

siemensruggedcom_ros_rsg900cRange<5.5.4

AND

siemensruggedcom_rsg900cMatch-

Node

siemensruggedcom_ros_rsg900gRange<4.3.7

siemensruggedcom_ros_rsg900gRange5.0.0–5.5.4

AND

siemensruggedcom_rsg900gMatch-

Node

siemensruggedcom_ros_rsg900rRange<5.5.4

AND

siemensruggedcom_rsg900rMatch-

Node

siemensruggedcom_ros_rsg920pRange<4.3.7

siemensruggedcom_ros_rsg920pRange5.0.0–5.5.4

AND

siemensruggedcom_rsg920pMatch-

Node

siemensruggedcom_ros_rsg2100Range<4.3.7

siemensruggedcom_ros_rsg2100Range5.0.0–5.5.4

AND

siemensruggedcom_rsg2100Match-

Node

siemensruggedcom_ros_rsg2100pRange<4.3.7

siemensruggedcom_ros_rsg2100pRange5.0.0–5.3.4

AND

siemensruggedcom_rsg2100pMatch-

Node

siemensruggedcom_ros_rsg2200Range<4.3.7

AND

siemensruggedcom_rsg2200Match-

Node

siemensruggedcom_ros_rsg2288Range<4.3.7

siemensruggedcom_ros_rsg2288Range5.0.0–5.5.4

AND

siemensruggedcom_rsg2288Match-

Node

siemensruggedcom_ros_rsg2300Range<4.3.7

siemensruggedcom_ros_rsg2300Range5.0.0–5.3.4

AND

siemensruggedcom_rsg2300Match-

Node

siemensruggedcom_ros_rsg2300pRange<4.3.7

siemensruggedcom_ros_rsg2300pRange5.5.0–5.5.4

AND

siemensruggedcom_rsg2300pMatch-

Node

siemensruggedcom_ros_rsg2488Range<4.3.7

siemensruggedcom_ros_rsg2488Range5.0.0–5.5.4

AND

siemensruggedcom_rsg2488Match-

Node

siemensruggedcom_ros_rsl910Range<5.5.4

AND

siemensruggedcom_rsl910Match-

Node

siemensruggedcom_ros_rst916cRange<5.5.4

AND

siemensruggedcom_rst916cMatch-

Node

siemensruggedcom_ros_rst916pRange<5.5.4

AND

siemensruggedcom_rst916pMatch-

Node

siemensruggedcom_ros_rst2228Range<5.5.4

AND

siemensruggedcom_rst2228Match-

CPENameOperatorVersion
siemens:ruggedcom_ros_i800siemens ruggedcom ros i800lt4.3.7

CPE	Name	Operator	Version
siemens:ruggedcom_ros_i800	siemens ruggedcom ros i800	lt	4.3.7

CNA Affected

[
  {
    "product": "RUGGEDCOM ROS M2100",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V4.3.7"
      }
    ]
  },
  {
    "product": "RUGGEDCOM ROS M2200",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V4.3.7"
      }
    ]
  },
  {
    "product": "RUGGEDCOM ROS M969",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V4.3.7"
      }
    ]
  },
  {
    "product": "RUGGEDCOM ROS RMC",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V4.3.7"
      }
    ]
  },
  {
    "product": "RUGGEDCOM ROS RMC20",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V4.3.7"
      }
    ]
  },
  {
    "product": "RUGGEDCOM ROS RMC30",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V4.3.7"
      }
    ]
  },
  {
    "product": "RUGGEDCOM ROS RMC40",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V4.3.7"
      }
    ]
  },
  {
    "product": "RUGGEDCOM ROS RMC41",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V4.3.7"
      }
    ]
  },
  {
    "product": "RUGGEDCOM ROS RMC8388 V4.X",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V4.3.7"
      }
    ]
  },
  {
    "product": "RUGGEDCOM ROS RMC8388 V5.X",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V5.5.4"
      }
    ]
  },
  {
    "product": "RUGGEDCOM ROS RP110",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V4.3.7"
      }
    ]
  },
  {
    "product": "RUGGEDCOM ROS RS400",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V4.3.7"
      }
    ]
  },
  {
    "product": "RUGGEDCOM ROS RS401",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V4.3.7"
      }
    ]
  },
  {
    "product": "RUGGEDCOM ROS RS416",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V4.3.7"
      }
    ]
  },
  {
    "product": "RUGGEDCOM ROS RS416v2 V4.X",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V4.3.7"
      }
    ]
  },
  {
    "product": "RUGGEDCOM ROS RS416v2 V5.X",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < 5.5.4"
      }
    ]
  },
  {
    "product": "RUGGEDCOM ROS RS8000",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V4.3.7"
      }
    ]
  },
  {
    "product": "RUGGEDCOM ROS RS8000A",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V4.3.7"
      }
    ]
  },
  {
    "product": "RUGGEDCOM ROS RS8000H",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V4.3.7"
      }
    ]
  },
  {
    "product": "RUGGEDCOM ROS RS8000T",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V4.3.7"
      }
    ]
  },
  {
    "product": "RUGGEDCOM ROS RS900 (32M) V4.X",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V4.3.7"
      }
    ]
  },
  {
    "product": "RUGGEDCOM ROS RS900 (32M) V5.X",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V5.5.4"
      }
    ]
  },
  {
    "product": "RUGGEDCOM ROS RS900G",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V4.3.7"
      }
    ]
  },
  {
    "product": "RUGGEDCOM ROS RS900G (32M) V4.X",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V4.3.7"
      }
    ]
  },
  {
    "product": "RUGGEDCOM ROS RS900G (32M) V5.X",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V5.5.4"
      }
    ]
  },
  {
    "product": "RUGGEDCOM ROS RS900GP",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V4.3.7"
      }
    ]
  },
  {
    "product": "RUGGEDCOM ROS RS900L",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V4.3.7"
      }
    ]
  },
  {
    "product": "RUGGEDCOM ROS RS900W",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V4.3.7"
      }
    ]
  },
  {
    "product": "RUGGEDCOM ROS RS910",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V4.3.7"
      }
    ]
  },
  {
    "product": "RUGGEDCOM ROS RS910L",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V4.3.7"
      }
    ]
  },
  {
    "product": "RUGGEDCOM ROS RS910W",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V4.3.7"
      }
    ]
  },
  {
    "product": "RUGGEDCOM ROS RS920L",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V4.3.7"
      }
    ]
  },
  {
    "product": "RUGGEDCOM ROS RS920W",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V4.3.7"
      }
    ]
  },
  {
    "product": "RUGGEDCOM ROS RS930L",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V4.3.7"
      }
    ]
  },
  {
    "product": "RUGGEDCOM ROS RS930W",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V4.3.7"
      }
    ]
  },
  {
    "product": "RUGGEDCOM ROS RS940G",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V4.3.7"
      }
    ]
  },
  {
    "product": "RUGGEDCOM ROS RS969",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V4.3.7"
      }
    ]
  },
  {
    "product": "RUGGEDCOM ROS RSG2100 (32M) V4.X",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V4.3.7"
      }
    ]
  },
  {
    "product": "RUGGEDCOM ROS RSG2100 (32M) V5.X",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V5.5.4"
      }
    ]
  },
  {
    "product": "RUGGEDCOM ROS RSG2100 V4.X",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V4.3.7"
      }
    ]
  },
  {
    "product": "RUGGEDCOM ROS RSG2100P",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V4.3.7"
      }
    ]
  },
  {
    "product": "RUGGEDCOM ROS RSG2100P (32M) V4.X",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V4.3.7"
      }
    ]
  },
  {
    "product": "RUGGEDCOM ROS RSG2100P (32M) V5.X",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V5.5.4"
      }
    ]
  },
  {
    "product": "RUGGEDCOM ROS RSG2200",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V4.3.7"
      }
    ]
  },
  {
    "product": "RUGGEDCOM ROS RSG2288 V4.X",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V4.3.7"
      }
    ]
  },
  {
    "product": "RUGGEDCOM ROS RSG2288 V5.X",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V5.5.4"
      }
    ]
  },
  {
    "product": "RUGGEDCOM ROS RSG2300 V4.X",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V4.3.7"
      }
    ]
  },
  {
    "product": "RUGGEDCOM ROS RSG2300 V5.X",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V5.5.4"
      }
    ]
  },
  {
    "product": "RUGGEDCOM ROS RSG2300P V4.X",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V4.3.7"
      }
    ]
  },
  {
    "product": "RUGGEDCOM ROS RSG2300P V5.X",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V5.5.4"
      }
    ]
  },
  {
    "product": "RUGGEDCOM ROS RSG2488 V4.X",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V4.3.7"
      }
    ]
  },
  {
    "product": "RUGGEDCOM ROS RSG2488 V5.X",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V5.5.4"
      }
    ]
  },
  {
    "product": "RUGGEDCOM ROS RSG900 V4.X",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V4.3.7"
      }
    ]
  },
  {
    "product": "RUGGEDCOM ROS RSG900 V5.X",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V5.5.4"
      }
    ]
  },
  {
    "product": "RUGGEDCOM ROS RSG900C",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V5.5.4"
      }
    ]
  },
  {
    "product": "RUGGEDCOM ROS RSG900G V4.X",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V4.3.7"
      }
    ]
  },
  {
    "product": "RUGGEDCOM ROS RSG900G V5.X",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V5.5.4"
      }
    ]
  },
  {
    "product": "RUGGEDCOM ROS RSG900R",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V5.5.4"
      }
    ]
  },
  {
    "product": "RUGGEDCOM ROS RSG920P V4.X",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V4.3.7"
      }
    ]
  },
  {
    "product": "RUGGEDCOM ROS RSG920P V5.X",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V5.5.4"
      }
    ]
  },
  {
    "product": "RUGGEDCOM ROS RSL910",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V5.5.4"
      }
    ]
  },
  {
    "product": "RUGGEDCOM ROS RST2228",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V5.5.4"
      }
    ]
  },
  {
    "product": "RUGGEDCOM ROS RST916C",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V5.5.4"
      }
    ]
  },
  {
    "product": "RUGGEDCOM ROS RST916P",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V5.5.4"
      }
    ]
  },
  {
    "product": "RUGGEDCOM ROS i800",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V4.3.7"
      }
    ]
  },
  {
    "product": "RUGGEDCOM ROS i801",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V4.3.7"
      }
    ]
  },
  {
    "product": "RUGGEDCOM ROS i802",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V4.3.7"
      }
    ]
  },
  {
    "product": "RUGGEDCOM ROS i803",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V4.3.7"
      }
    ]
  }
]

References

cert-portal.siemens.com/productcert/pdf/ssa-373591.pdf

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.5 High

AI Score

Confidence

High

0.006 Low

EPSS

Percentile

77.8%

JSON

Related for CVE-2021-31895

cvelist1 nvd1 nessus1 prion1 ics1