CVSS: 8.6EPSS: 0%CPEs: 34EXPL: 0CVE-2022-31766
https://notcve.org/view.php?id=CVE-2022-31766
A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (All versions < V7.1.2), RUGGEDCOM RM1224 LTE(4G) NAM (All versions < V7.1.2), SCALANCE M804PB (All versions < V7.1.2), SCALANCE M812-1 ADSL-Router (Annex A) (All versions < V7.1.2), SCALANCE M812-1 ADSL-Router (Annex B) (All versions < V7.1.2), SCALANCE M816-1 ADSL-Router (Annex A) (All versions < V7.1.2), SCALANCE M816-1 ADSL-Router (Annex B) (All versions < V7.1.2), SCALANCE M826-2 SHDSL-Router (All versions < V7.1.2), SCALANCE M874-2 (All versions < V7.1.2), SCALANCE M874-3 (All versions < V7.1.2), SCALANCE M876-3 (EVDO) (All versions < V7.1.2), SCALANCE M876-3 (ROK) (All versions < V7.1.2), SCALANCE M876-4 (All versions < V7.1.2), SCALANCE M876-4 (EU) (All versions < V7.1.2), SCALANCE M876-4 (NAM) (All versions < V7.1.2), SCALANCE MUM853-1 (EU) (All versions < V7.1.2), SCALANCE MUM856-1 (EU) (All versions < V7.1.2), SCALANCE MUM856-1 (RoW) (All versions < V7.1.2), SCALANCE S615 (All versions < V7.1.2), SCALANCE S615 EEC (All versions < V7.1.2), SCALANCE WAM763-1 (All versions >= V1.1.0 < V2.0), SCALANCE WAM766-1 (EU) (All versions >= V1.1.0 < V2.0), SCALANCE WAM766-1 (US) (All versions >= V1.1.0 < V2.0), SCALANCE WAM766-1 EEC (EU) (All versions >= V1.1.0 < V2.0), SCALANCE WAM766-1 EEC (US) (All versions >= V1.1.0 < V2.0), SCALANCE WUM763-1 (All versions >= V1.1.0 < V2.0), SCALANCE WUM763-1 (All versions >= V1.1.0 < V2.0), SCALANCE WUM766-1 (EU) (All versions >= V1.1.0 < V2.0), SCALANCE WUM766-1 (US) (All versions >= V1.1.0 < V2.0). Affected devices with TCP Event service enabled do not properly handle malformed packets. This could allow an unauthenticated remote attacker to cause a denial of service condition and reboot the device thus possibly affecting other network resources. Se ha identificado una vulnerabilidad en RUGGEDCOM RM1224 LTE(4G) EU (Todas las versiones anteriores a V7.1.2), RUGGEDCOM RM1224 LTE(4G) NAM (Todas las versiones anteriores a V7.1.2), SCALANCE M804PB (Todas las versiones anteriores a V7.1. 2), SCALANCE M812-1 ADSL-Router (Anexo A) (Todas las versiones anteriores a V7.1.2), SCALANCE M812-1 ADSL-Router (Anexo B) (Todas las versiones anteriores a V7.1.2), SCALANCE M816-1 ADSL-Router (Anexo A) (Todas las versiones anteriores a V7.1. 2), SCALANCE M816-1 ADSL-Router (Anexo B) (Todas las versiones anteriores a V7.1.2), SCALANCE M826-2 SHDSL-Router (Todas las versiones anteriores a V7.1.2), SCALANCE M874-2 (Todas las versiones anteriores a V7.1.2), SCALANCE M874-3 (Todas las versiones anteriores a V7. 1.2), SCALANCE M876-3 (EVDO) (Todas las versiones anteriores a V7.1.2), SCALANCE M876-3 (ROK) (Todas las versiones anteriores a V7.1.2), SCALANCE M876-4 (EU) (Todas las versiones anteriores a V7.1.2), SCALANCE M876-4 (NAM) (Todas las versiones anteriores a V7. 1.2), SCALANCE MUM853-1 (EU) (Todas las versiones anteriores a V7.1.2), SCALANCE MUM856-1 (EU) (Todas las versiones anteriores a V7.1.2), SCALANCE MUM856-1 (RoW) (Todas las versiones anteriores a V7.1.2), SCALANCE S615 (Todas las versiones anteriores a V7. 1.2), SCALANCE WAM763-1 (Todas las versiones posteriores a V1.1.0 incluyéndola), SCALANCE WAM766-1 (Todas las versiones posteriores a V1.1.0 incluyéndola), SCALANCE WAM766-1 (Todas las versiones posteriores a V1.1.0 incluyéndola), SCALANCE WAM766-1 6GHz (Todas las versiones posteriores a V1.1. 0 incluyéndola), SCALANCE WAM766-1 EEC (Todas las versiones posteriores a V1.1.0 incluyéndola), SCALANCE WAM766-1 EEC (Todas las versiones posteriores a V1.1.0 incluyéndola), SCALANCE WAM766-1 EEC 6GHz (Todas las versiones posteriores a V1.1.0 incluyéndola), SCALANCE WUM763-1 (Todas las versiones posteriores a V1. 1.0 incluyéndola), SCALANCE WUM763-1 (Todas las versiones posteriores a V1.1.0 incluyéndola), SCALANCE WUM766-1 (Todas las versiones posteriores a V1.1.0 incluyéndola), SCALANCE WUM766-1 (Todas las versiones posteriores a V1.1.0 incluyéndola), SCALANCE WUM766-1 6GHz (Todas las versiones posteriores a V1.1.0 incluyéndola). Los dispositivos afectados con el servicio de eventos TCP activado no manejan apropiadamente los paquetes malformados. Esto podría permitir a un atacante remoto no autenticado causar una denegación de servicio y reiniciar el dispositivo, lo que podría afectar a otros recursos de red • https://cert-portal.siemens.com/productcert/pdf/ssa-697140.pdf • CWE-20: Improper Input Validation •
CVSS: 4.3EPSS: 0%CPEs: 60EXPL: 1CVE-2021-22924 – curl: Bad connection reuse due to flawed path name checks
https://notcve.org/view.php?id=CVE-2021-22924
libcurl keeps previously used connections in a connection pool for subsequenttransfers to reuse, if one of them matches the setup.Due to errors in the logic, the config matching function did not take 'issuercert' into account and it compared the involved paths *case insensitively*,which could lead to libcurl reusing wrong connections.File paths are, or can be, case sensitive on many systems but not all, and caneven vary depending on used file systems.The comparison also didn't include the 'issuer cert' which a transfer can setto qualify how to verify the server certificate. libcurl mantiene las conexiones usadas previamente en un pool de conexiones para reusarlas en posteriores transferencias, si una de ellas coincide con la configuración. Debido a errores en la lógica, la función de coincidencia de la configuración no tenía en cuenta "issuercert" y comparaba las rutas implicadas *sin tener en cuenta el caso*, que podía conllevar a que libcurl reusara conexiones erróneas. Las rutas de los archivos son, o pueden ser, casos confidenciales en muchos sistemas, pero no en todos, y pueden incluso variar dependiendo de los sistemas de archivos usados. La comparación tampoco incluía el "issuercert" que una transferencia puede ajustar para calificar cómo verificar el certificado del servidor A flaw was found in libcurl in the way libcurl handles previously used connections without accounting for 'issuer cert' and comparing the involved paths case-insensitively. This flaw allows libcurl to use the wrong connection. • https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf https://cert-portal.siemens.com/productcert/pdf/ssa-732250.pdf https://hackerone.com/reports/1223565 https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc%40%3Cdev.kafka.apache.org%3E https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc%40%3Cusers.kafka.apache.org%3E https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0c • CWE-20: Improper Input Validation CWE-295: Improper Certificate Validation CWE-706: Use of Incorrectly-Resolved Name or Reference •
CVSS: 7.5EPSS: 0%CPEs: 157EXPL: 0CVE-2020-28400
https://notcve.org/view.php?id=CVE-2020-28400
Affected devices contain a vulnerability that allows an unauthenticated attacker to trigger a denial-of-service condition. The vulnerability can be triggered if a large amount of DCP reset packets are sent to the device. Los dispositivos afectados contienen una vulnerabilidad que permite a un atacante no autentificado desencadenar una condición de denegación de servicio. La vulnerabilidad puede activarse si se envía una gran cantidad de paquetes de restablecimiento de DCP al dispositivo • https://cert-portal.siemens.com/productcert/pdf/ssa-599968.pdf https://us-cert.cisa.gov/ics/advisories/icsa-21-194-03 https://cert-portal.siemens.com/productcert/html/ssa-599968.html • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 5.9EPSS: 0%CPEs: 205EXPL: 0CVE-2021-3449 – NULL pointer deref in signature_algorithms processing
https://notcve.org/view.php?id=CVE-2021-3449
An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_cert extension then a NULL pointer dereference will result, leading to a crash and a denial of service attack. A server is only vulnerable if it has TLSv1.2 and renegotiation enabled (which is the default configuration). OpenSSL TLS clients are not impacted by this issue. All OpenSSL 1.1.1 versions are affected by this issue. • http://www.openwall.com/lists/oss-security/2021/03/27/1 http://www.openwall.com/lists/oss-security/2021/03/27/2 http://www.openwall.com/lists/oss-security/2021/03/28/3 http://www.openwall.com/lists/oss-security/2021/03/28/4 https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf https://cert-portal.siemens.com/productcert/pdf/ssa-772220.pdf https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=fb9fa6b51defd48157eeb207f52181f735d96148 https://kb.pulse • CWE-476: NULL Pointer Dereference •
CVSS: 7.5EPSS: 0%CPEs: 8EXPL: 0CVE-2021-25676
https://notcve.org/view.php?id=CVE-2021-25676
A vulnerability has been identified in RUGGEDCOM RM1224 (V6.3), SCALANCE M-800 (V6.3), SCALANCE S615 (V6.3), SCALANCE SC-600 (All Versions >= V2.1 and < V2.1.3). Multiple failed SSH authentication attempts could trigger a temporary Denial-of-Service under certain conditions. When triggered, the device will reboot automatically. Se ha identificado una vulnerabilidad en RUGGEDCOM RM1224 (versión V6.3), SCALANCE M-800 (versión V6.3), SCALANCE S615 (versión V6.3), SCALANCE SC-600 (Todas las versiones posteriores a V2.1 y anteriores a V2.1.3) . Múltiples intentos fallidos de autenticación SSH podrían desencadenar una Denegación de Servicio temporal en determinadas condiciones. • https://cert-portal.siemens.com/productcert/pdf/ssa-296266.pdf https://us-cert.cisa.gov/ics/advisories/icsa-21-068-02 • CWE-307: Improper Restriction of Excessive Authentication Attempts •