CVE-2021-31893
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
A vulnerability has been identified in SIMATIC PCS 7 V8.2 and earlier (All versions), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP3), SIMATIC PDM (All versions < V9.2), SIMATIC STEP 7 V5.X (All versions < V5.6 SP2 HF3), SINAMICS STARTER (containing STEP 7 OEM version) (All versions < V5.4 HF2). The affected software contains a buffer overflow vulnerability while handling certain files that could allow a local attacker to trigger a denial-of-service condition or potentially lead to remote code execution.
Se ha identificado una vulnerabilidad en SIMATIC PCS 7 versiones V8.2 y anteriores (Todas las versiones), SIMATIC PCS 7 versiones V9.0 (Todas las versiones anteriores a V9.0 SP3), SIMATIC PDM (Todas las versiones anteriores a V9.2), SIMATIC STEP 7 versiones V5.X (Todas las versiones anteriores a V5.6 SP2 HF3), SINAMICS STARTER (que contiene la versión OEM de STEP 7) (Todas las versiones anteriores a V5.4 HF2). El software afectado contiene una vulnerabilidad de desbordamiento de búfer mientras se manejan determinados archivos que podría permitir a un atacante local desencadenar una condición de denegación de servicio o potencialmente conllevar a una ejecución de código remota
CVSS Scores
SSVC
- Decision:-
Timeline
- 2021-04-29 CVE Reserved
- 2021-07-13 CVE Published
- 2023-12-26 EPSS Updated
- 2024-08-03 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://cert-portal.siemens.com/productcert/pdf/ssa-641963.pdf | 2021-08-06 |
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Siemens Search vendor "Siemens" | Simatic Pcs Firmware Search vendor "Siemens" for product "Simatic Pcs Firmware" | <= 8.2 Search vendor "Siemens" for product "Simatic Pcs Firmware" and version " <= 8.2" | - |
Affected
| in | Siemens Search vendor "Siemens" | Simatic Pcs Search vendor "Siemens" for product "Simatic Pcs" | - | - |
Safe
|
| Siemens Search vendor "Siemens" | Simatic Pcs Firmware Search vendor "Siemens" for product "Simatic Pcs Firmware" | 9.0 Search vendor "Siemens" for product "Simatic Pcs Firmware" and version "9.0" | - |
Affected
| in | Siemens Search vendor "Siemens" | Simatic Pcs Search vendor "Siemens" for product "Simatic Pcs" | - | - |
Safe
|
| Siemens Search vendor "Siemens" | Simatic Pcs Firmware Search vendor "Siemens" for product "Simatic Pcs Firmware" | 9.0 Search vendor "Siemens" for product "Simatic Pcs Firmware" and version "9.0" | sp1 |
Affected
| in | Siemens Search vendor "Siemens" | Simatic Pcs Search vendor "Siemens" for product "Simatic Pcs" | - | - |
Safe
|
| Siemens Search vendor "Siemens" | Simatic Pcs Firmware Search vendor "Siemens" for product "Simatic Pcs Firmware" | 9.0 Search vendor "Siemens" for product "Simatic Pcs Firmware" and version "9.0" | sp2 |
Affected
| in | Siemens Search vendor "Siemens" | Simatic Pcs Search vendor "Siemens" for product "Simatic Pcs" | - | - |
Safe
|
| Siemens Search vendor "Siemens" | Simatic Pdm Firmware Search vendor "Siemens" for product "Simatic Pdm Firmware" | < 9.2 Search vendor "Siemens" for product "Simatic Pdm Firmware" and version " < 9.2" | - |
Affected
| in | Siemens Search vendor "Siemens" | Simatic Pdm Search vendor "Siemens" for product "Simatic Pdm" | - | - |
Safe
|
| Siemens Search vendor "Siemens" | Simatic Step 7 Firmware Search vendor "Siemens" for product "Simatic Step 7 Firmware" | <= 5.6 Search vendor "Siemens" for product "Simatic Step 7 Firmware" and version " <= 5.6" | - |
Affected
| in | Siemens Search vendor "Siemens" | Simatic Step 7 Search vendor "Siemens" for product "Simatic Step 7" | - | - |
Safe
|
| Siemens Search vendor "Siemens" | Sinamics Starter Firmware Search vendor "Siemens" for product "Sinamics Starter Firmware" | < 5.4 Search vendor "Siemens" for product "Sinamics Starter Firmware" and version " < 5.4" | - |
Affected
| in | Siemens Search vendor "Siemens" | Sinamics Starter Search vendor "Siemens" for product "Sinamics Starter" | - | - |
Safe
|
| Siemens Search vendor "Siemens" | Sinamics Starter Firmware Search vendor "Siemens" for product "Sinamics Starter Firmware" | 5.4 Search vendor "Siemens" for product "Sinamics Starter Firmware" and version "5.4" | - |
Affected
| in | Siemens Search vendor "Siemens" | Sinamics Starter Search vendor "Siemens" for product "Sinamics Starter" | - | - |
Safe
|
| Siemens Search vendor "Siemens" | Sinamics Starter Firmware Search vendor "Siemens" for product "Sinamics Starter Firmware" | 5.4 Search vendor "Siemens" for product "Sinamics Starter Firmware" and version "5.4" | hotfix_1 |
Affected
| in | Siemens Search vendor "Siemens" | Sinamics Starter Search vendor "Siemens" for product "Sinamics Starter" | - | - |
Safe
|
| Siemens Search vendor "Siemens" | Sinamics Starter Firmware Search vendor "Siemens" for product "Sinamics Starter Firmware" | 5.4 Search vendor "Siemens" for product "Sinamics Starter Firmware" and version "5.4" | hotfix_2 |
Affected
| in | Siemens Search vendor "Siemens" | Sinamics Starter Search vendor "Siemens" for product "Sinamics Starter" | - | - |
Safe
|