CVE-2021-29998

CRITICAL

9.8

Descripcion

An issue was discovered in Wind River VxWorks before 6.5. There is a possible heap overflow in dhcp client.

Detalles CVE

Puntuacion CVSS v3.19.8

SeveridadCRITICAL

Vector CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Vector de ataqueNETWORK

ComplejidadLOW

Privilegios requeridosNONE

Interaccion usuarioNONE

Publicado4/13/2021

Ultima modificacion11/21/2024

Fuentenvd

Avistamientos honeypot0

Productos afectados

siemens:ruggedcom_win_subscriber_stationsiemens:ruggedcom_win_subscriber_station_firmwaresiemens:scalance_x200-4_p_irtsiemens:scalance_x200-4_p_irt_firmwaresiemens:scalance_x201-3p_irtsiemens:scalance_x201-3p_irt_firmwaresiemens:scalance_x201-3p_irt_prosiemens:scalance_x201-3p_irt_pro_firmwaresiemens:scalance_x202-2_irtsiemens:scalance_x202-2_irt_firmwaresiemens:scalance_x202-2p_irtsiemens:scalance_x202-2p_irt_firmwaresiemens:scalance_x202-2p_irt_prosiemens:scalance_x202-2p_irt_pro_firmwaresiemens:scalance_x204-2siemens:scalance_x204-2_firmwaresiemens:scalance_x204-2fmsiemens:scalance_x204-2fm_firmwaresiemens:scalance_x204-2ldsiemens:scalance_x204-2ld_firmwaresiemens:scalance_x204-2ld_tssiemens:scalance_x204-2ld_ts_firmwaresiemens:scalance_x204-2tssiemens:scalance_x204-2ts_firmwaresiemens:scalance_x204_irtsiemens:scalance_x204_irt_firmwaresiemens:scalance_x204_irt_prosiemens:scalance_x204_irt_pro_firmwaresiemens:scalance_x206-1siemens:scalance_x206-1_firmwaresiemens:scalance_x206-1ldsiemens:scalance_x206-1ld_firmwaresiemens:scalance_x208siemens:scalance_x208_firmwaresiemens:scalance_x208_prosiemens:scalance_x208_pro_firmwaresiemens:scalance_x212-2siemens:scalance_x212-2_firmwaresiemens:scalance_x212-2ldsiemens:scalance_x212-2ld_firmwaresiemens:scalance_x216siemens:scalance_x216_firmwaresiemens:scalance_x224siemens:scalance_x224_firmwaresiemens:scalance_x300siemens:scalance_x300_firmwaresiemens:scalance_x408siemens:scalance_x408_firmwaresiemens:scalance_xf201-3p_irtsiemens:scalance_xf201-3p_irt_firmwaresiemens:scalance_xf202-2p_irtsiemens:scalance_xf202-2p_irt_firmwaresiemens:scalance_xf204siemens:scalance_xf204-2siemens:scalance_xf204-2_firmwaresiemens:scalance_xf204-2ba_irtsiemens:scalance_xf204-2ba_irt_firmwaresiemens:scalance_xf204_firmwaresiemens:scalance_xf204_irtsiemens:scalance_xf204_irt_firmwaresiemens:scalance_xf206-1siemens:scalance_xf206-1_firmwaresiemens:scalance_xf208siemens:scalance_xf208_firmwaresiemens:simatic_rf_181_eipsiemens:simatic_rf_181_eip_firmwaresiemens:simatic_rf_182csiemens:simatic_rf_182c_firmwaresiemens:sinamics_perfect_harmony_gh180siemens:sinamics_perfect_harmony_gh180_firmwarewindriver:vxworks

Debilidades (CWE)

CWE-787

Referencias

https://cert-portal.siemens.com/productcert/pdf/ssa-560465.pdf(cve@mitre.org)

https://cert-portal.siemens.com/productcert/pdf/ssa-910883.pdf(cve@mitre.org)

https://support2.windriver.com/index.php?page=security-notices(cve@mitre.org)

https://us-cert.cisa.gov/ics/advisories/icsa-21-194-12(cve@mitre.org)

https://cert-portal.siemens.com/productcert/pdf/ssa-560465.pdf(af854a3a-2127-422b-91ae-364da2661108)

https://cert-portal.siemens.com/productcert/pdf/ssa-910883.pdf(af854a3a-2127-422b-91ae-364da2661108)

https://support2.windriver.com/index.php?page=security-notices(af854a3a-2127-422b-91ae-364da2661108)

https://us-cert.cisa.gov/ics/advisories/icsa-21-194-12(af854a3a-2127-422b-91ae-364da2661108)

Correlaciones IOC

Sin correlaciones registradas

This product uses data from the NVD API but is not endorsed or certified by the NVD.