CVE-2021-31346

A vulnerability has been identified in Capital Embedded AR Classic 431-422 All versions, Capital Embedded AR Classic R20-11 All versions V2303, PLUSCONTROL 1st Gen All versions, SIMOTICS CONNECT 400 All versions V0.5.0.0, SIMOTICS CONNECT 400 All versions V1.0.0.0. The total length of an ICMP...

Siemens Nucleus RTOS-based APOGEE and TALON Products Improper Validation of Specified Quantity in Input (CVE-2021-31346)

A vulnerability has been identified in APOGEE MBC PPC BACnet All versions, APOGEE MBC PPC P2 Ethernet All versions, APOGEE MEC PPC BACnet All versions, APOGEE MEC PPC P2 Ethernet All versions, APOGEE PXC Compact BACnet All versions = V2.3 and = V2.3 and = V2.3 and = V2.3 and = V2.3 and = V2.3 and...

Siemens Energy PLUSCONTROL

1. EXECUTIVE SUMMARY CVSS v3 8.2 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Energy Equipment: PLUSCONTROL Vulnerabilities: Type Confusion, Improper Validation of Specified Quantity in Input, Buffer Access with Incorrect Length Value, Integer Underflow, Improper Handling...

CVE-2021-31346

creationtimestamp| type| source ---|---|--- 2021-11-09 14:30:39+00:00| seen| https://t.me/cibsecurity/32048...

CVE-2021-31346

CVE-2021-31346 affects Siemens Nucleus NET/KERNEL-based devices (Capital Embedded AR Classic, PLUSCONTROL, SIMOTICS CONNECT 400, Capital VSTAR, etc.). Root cause: the total length of an ICMP payload (set in the IP header) is unchecked, enabling information leaks and Denial-of-Service conditions v...