CVE-2021-37181

🗓️ 14 Sep 2021 10:47:46Reported by siemensType

CVE-2021-37181: Cerberus DMS and Desigo CC versions < v5.0 QU1 allowing arbitrary code execution

Reporter	Title	Published	Views	Family All 9
Circl	CVE-2021-37181	14 Sep 202114:21	–	circl
CNNVD	多款 Siemens 产品代码问题漏洞	14 Sep 202100:00	–	cnnvd
CNVD	Siemens Desigo CC Series CCOM Communication Component Deserialization Vulnerability	15 Sep 202100:00	–	cnvd
Cvelist	CVE-2021-37181	14 Sep 202110:47	–	cvelist
EUVD	EUVD-2021-23755	7 Oct 202500:30	–	euvd
ICS	Siemens Desigo CC Family	14 Sep 202100:00	–	ics
NVD	CVE-2021-37181	14 Sep 202111:15	–	nvd
Prion	Deserialization of untrusted data	14 Sep 202111:15	–	prion
RedhatCVE	CVE-2021-37181	22 May 202520:54	–	redhatcve

NVD

Node

siemens cerberus_dmsMatch4.0

siemens cerberus_dmsMatch4.1

siemens cerberus_dmsMatch4.2

siemens cerberus_dmsMatch5.0-

siemens desigo_ccMatch4.0

siemens desigo_ccMatch4.1

siemens desigo_ccMatch4.2

siemens desigo_ccMatch5.0-

siemens desigo_cc_compactMatch4.0

siemens desigo_cc_compactMatch4.1

siemens desigo_cc_compactMatch4.2

siemens desigo_cc_compactMatch5.0-

[
  {
    "product": "Cerberus DMS V4.0",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions"
      }
    ]
  },
  {
    "product": "Cerberus DMS V4.1",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions"
      }
    ]
  },
  {
    "product": "Cerberus DMS V4.2",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions"
      }
    ]
  },
  {
    "product": "Cerberus DMS V5.0",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < v5.0 QU1"
      }
    ]
  },
  {
    "product": "Desigo CC Compact V4.0",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions"
      }
    ]
  },
  {
    "product": "Desigo CC Compact V4.1",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions"
      }
    ]
  },
  {
    "product": "Desigo CC Compact V4.2",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions"
      }
    ]
  },
  {
    "product": "Desigo CC Compact V5.0",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V5.0 QU1"
      }
    ]
  },
  {
    "product": "Desigo CC V4.0",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions"
      }
    ]
  },
  {
    "product": "Desigo CC V4.1",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions"
      }
    ]
  },
  {
    "product": "Desigo CC V4.2",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions"
      }
    ]
  },
  {
    "product": "Desigo CC V5.0",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V5.0 QU1"
      }
    ]
  }
]

Source	Link
cert-portal	www.cert-portal.siemens.com/productcert/pdf/ssa-453715.pdf

21 Nov 2024 06:14Current

9.5High risk

Vulners AI Score9.5

CVSS 27.5

CVSS 3.110

EPSS0.01102

CWE-502