Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistApacheCVELIST:CVE-2021-43083
HistoryDec 19, 2021 - 8:25 a.m.

CVE-2021-43083 Apache PLC4X 0.9.0 Buffer overflow in PLC4C via crafted server response

2021-12-1908:25:09
CWE-191
CWE-119
apache
www.cve.org

8.7 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

44.6%

JSON

Apache PLC4X - PLC4C (Only the C language implementation was effected) was vulnerable to an unsigned integer underflow flaw inside the tcp transport. Users should update to 0.9.1, which addresses this issue. However, in order to exploit this vulnerability, a user would have to actively connect to a mallicious device which could send a response with invalid content. Currently we consider the probability of this being exploited as quite minimal, however this could change in the future, especially with the industrial networks growing more and more together.

CNA Affected

[
  {
    "product": "Apache PLC4X",
    "vendor": "Apache Software Foundation",
    "versions": [
      {
        "lessThanOrEqual": "0.9.0",
        "status": "affected",
        "version": "PLC4C",
        "versionType": "custom"
      }
    ]
  }
]

Related

cnvd 1
nvd 1
cve 1
prion 1
cnvd
cnvd
Apache PLC4X - PLC4C numeric error vulnerability
2021-12-21 00:00:00
nvd
nvd
CVE-2021-43083
2021-12-19 09:15:06
cve
cve
CVE-2021-43083
2021-12-19 09:15:06
prion
prion
Integer overflow
2021-12-19 09:15:00

8.7 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

44.6%

JSON
Related for CVELIST:CVE-2021-43083
cnvd1nvd1cve1prion1