4 matches found
Siemens Nucleus RTOS-based APOGEE and TALON Products Access of Resource Using Incompatible Type (CVE-2021-31344)
A vulnerability has been identified in APOGEE MBC PPC BACnet All versions, APOGEE MBC PPC P2 Ethernet All versions, APOGEE MEC PPC BACnet All versions, APOGEE MEC PPC P2 Ethernet All versions, APOGEE PXC Compact BACnet All versions = V2.3 and = V2.3 and = V2.3 and = V2.3 and = V2.3 and = V2.3 and...
Siemens Energy PLUSCONTROL
1. EXECUTIVE SUMMARY CVSS v3 8.2 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Energy Equipment: PLUSCONTROL Vulnerabilities: Type Confusion, Improper Validation of Specified Quantity in Input, Buffer Access with Incorrect Length Value, Integer Underflow, Improper Handling...
CVE-2021-31344
A vulnerability has been identified in Capital Embedded AR Classic 431-422 All versions, Capital Embedded AR Classic R20-11 All versions V2303, PLUSCONTROL 1st Gen All versions, SIMOTICS CONNECT 400 All versions V0.5.0.0, SIMOTICS CONNECT 400 All versions V1.0.0.0. ICMP echo packets with fake IP...
CVE-2021-31344
CVE-2021-31344 affects Siemens/Nucleus-based devices such as Capital Embedded AR Classic, PLUSCONTROL 1st Gen, and SIMOTICS CONNECT 400 (all versions with certain UDP/ICMP handling). The vulnerability is triggered by ICMP echo packets with fake IP options, enabling ICMP echo replies to arbitrary ...