4 matches found
CVE-2021-31345
A vulnerability has been identified in Capital Embedded AR Classic 431-422 All versions, Capital Embedded AR Classic R20-11 All versions V2303, PLUSCONTROL 1st Gen All versions. The total length of an UDP payload set in the IP header is unchecked. This may lead to various side effects, including...
Siemens Nucleus RTOS-based APOGEE and TALON Products Improper Validation of Specified Quantity in Input (CVE-2021-31345)
A vulnerability has been identified in APOGEE MBC PPC BACnet All versions, APOGEE MBC PPC P2 Ethernet All versions, APOGEE MEC PPC BACnet All versions, APOGEE MEC PPC P2 Ethernet All versions, APOGEE PXC Compact BACnet All versions = V2.3 and = V2.3 and = V2.3 and = V2.3 and = V2.3 and = V2.3 and...
Siemens Energy PLUSCONTROL
1. EXECUTIVE SUMMARY CVSS v3 8.2 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Energy Equipment: PLUSCONTROL Vulnerabilities: Type Confusion, Improper Validation of Specified Quantity in Input, Buffer Access with Incorrect Length Value, Integer Underflow, Improper Handling...
CVE-2021-31345
CVE-2021-31345 affects Siemens Nucleus NET-based products (Capital Embedded AR Classic, CAPITAL VSTAR/PLUSCONTROL) with an unchecked UDP payload length in the IP header. Root cause: UDP payload length is not validated, enabling information leaks and potential denial-of-service depending on the us...