Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2021-20093
HistoryJun 16, 2021 - 12:15 p.m.

CVE-2021-20093

2021-06-1612:15:12
CWE-125
[email protected]
web.nvd.nist.gov
7
buffer over-read
wibu-systems
codemeter
vulnerability
remote attacker
heap memory

CVSS2

6.4

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:N/A:P

CVSS3

9.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

EPSS

0.093

Percentile

94.7%

JSON

A buffer over-read vulnerability exists in Wibu-Systems CodeMeter versions < 7.21a. An unauthenticated remote attacker can exploit this issue to disclose heap memory contents or crash the CodeMeter Runtime Server.

Affected configurations

Nvd
Node
wibucodemeterRange7.21a
Node
siemenspss_capeMatch-
Node
siemenssicam_230Match-
AND
siemenssicam_230_firmware
Node
siemenssimatic_information_serverMatch2019sp1
OR
siemenssimatic_information_serverMatch2020-
OR
siemenssimatic_pcs_neoRange<3.1
OR
siemenssimatic_wincc_oaMatch3.17-
OR
siemenssimatic_wincc_oaMatch3.18-
OR
siemenssimit_simulation_platformRange10.010.3
OR
siemenssimit_simulation_platformMatch10.3-
OR
siemenssinec_infrastructure_network_servicesRange<1.0.1.1
OR
siemenssinec_infrastructure_network_servicesMatch1.0.1-
OR
siemenssinema_remote_connect_serverRange<3.0
OR
siemenssinema_remote_connect_serverMatch3.0-
OR
siemenssinema_remote_connect_serverMatch3.0sp1
OR
siemenssimatic_process_historianRange20192020
OR
siemenssimatic_process_historianMatch2020-
VendorProductVersionCPE
wibucodemeter*cpe:2.3:a:wibu:codemeter:*:*:*:*:*:*:*:*
siemenspss_cape-cpe:2.3:a:siemens:pss_cape:-:*:*:*:*:*:*:*
siemenssicam_230-cpe:2.3:h:siemens:sicam_230:-:*:*:*:*:*:*:*
siemenssicam_230_firmware*cpe:2.3:o:siemens:sicam_230_firmware:*:*:*:*:*:*:*:*
siemenssimatic_information_server2019cpe:2.3:a:siemens:simatic_information_server:2019:sp1:*:*:*:*:*:*
siemenssimatic_information_server2020cpe:2.3:a:siemens:simatic_information_server:2020:-:*:*:*:*:*:*
siemenssimatic_pcs_neo*cpe:2.3:a:siemens:simatic_pcs_neo:*:*:*:*:*:*:*:*
siemenssimatic_wincc_oa3.17cpe:2.3:a:siemens:simatic_wincc_oa:3.17:-:*:*:*:*:*:*
siemenssimatic_wincc_oa3.18cpe:2.3:a:siemens:simatic_wincc_oa:3.18:-:*:*:*:*:*:*
siemenssimit_simulation_platform*cpe:2.3:a:siemens:simit_simulation_platform:*:*:*:*:*:*:*:*
Rows per page:
1-10 of 181

Related

cvelist 1
prion 1
nessus 3
cve 1
osv 1
ics 2
cvelist
cvelist
CVE-2021-20093
2021-06-16 11:09:02
prion
prion
Buffer overflow
2021-06-16 12:15:00
nessus
nessus
CodeMeter Runtime Buffer Over-read (WIBU-210423-01)
2021-06-23 00:00:00
Siemens Buffer Over-Read in Wibu-Systems CodeMeter Runtime (CVE-2021-20093)
2022-11-07 00:00:00
Siemens Buffer Over-Read in Wibu-Systems CodeMeter Runtime (CVE-2021-20094)
2023-02-28 00:00:00
cve
cve
CVE-2021-20093
2021-06-16 12:15:12
osv
osv
CVE-2021-20093
2021-06-16 12:15:12
ics
ics
Wibu-Systems CodeMeter Runtime
2021-07-29 12:00:00
Siemens Desigo CC product family
2023-11-16 12:00:00

CVSS2

6.4

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:N/A:P

CVSS3

9.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

EPSS

0.093

Percentile

94.7%

JSON
Related for NVD:CVE-2021-20093
cvelist1prion1nessus3cve1osv1ics2