Lucene search
SiemensCVELIST:CVE-2021-37186HistorySep 14, 2021 - 10:47 a.m.
CVE-2021-37186
2021-09-1410:47:49
CWE-330
siemens
www.cve.org
3
vulnerability
logo! cmr2020
cmr2040
simatic rtu3010c
simatic rtu3030c
simatic rtu3031c
simatic rtu3041c
tcp/ip
adjacent attackers
sensitive information
A vulnerability has been identified in LOGO! CMR2020 (All versions < V2.2), LOGO! CMR2040 (All versions < V2.2), SIMATIC RTU3010C (All versions < V4.0.9), SIMATIC RTU3030C (All versions < V4.0.9), SIMATIC RTU3031C (All versions < V4.0.9), SIMATIC RTU3041C (All versions < V4.0.9). The underlying TCP/IP stack does not properly calculate the random numbers used as ISN (Initial Sequence Numbers). An adjacent attacker with network access to the LAN interface could interfere with traffic, spoof the connection and gain access to sensitive information.
CNA Affected
[
{
"product": "LOGO! CMR2020",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions < V2.2"
}
]
},
{
"product": "LOGO! CMR2040",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions < V2.2"
}
]
},
{
"product": "SIMATIC RTU3010C",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions < V4.0.9"
}
]
},
{
"product": "SIMATIC RTU3030C",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions < V4.0.9"
}
]
},
{
"product": "SIMATIC RTU3031C",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions < V4.0.9"
}
]
},
{
"product": "SIMATIC RTU3041C",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions < V4.0.9"
}
]
}
]Related
ics
ics
Siemens LOGO! CMR and SIMATIC RTU 3000 (Update A)
2022-02-10 12:00:00
cnvd
cnvd
nvd
nvd
CVE-2021-37186
2021-09-14 11:15:25
cve
cve
CVE-2021-37186
2021-09-14 11:15:25
prion
prion
Information disclosure
2021-09-14 11:15:00
nessus
nessus