Denial-of-Service Vulnerability in Siemens SIMATIC RF Readers
CVE-2021-31340

7.5HIGH

Key Information:

Vendor: Siemens
Status: Simatic Rf166c; Simatic Rf185c; Simatic Rf186c; Simatic Rf186ci
Vendor: CVE Published:; 8 June 2021

Summary

A vulnerability in Siemens' SIMATIC RF readers allows an attacker to exploit improper handling of excessive incoming connections, potentially leading to a Denial-of-Service (DoS) condition. This affects various versions of SIMATIC RF166C, RF185C, RF186C, RF186CI, RF188C, RF188CI, RF360R, as well as multiple models of SIMATIC Readers RF610R, RF615R, RF650R, RF680R, and RF685R. Exploitation of this vulnerability may disrupt services, significantly impacting operational integrity.

Affected Version(s)

SIMATIC Reader RF610R CMIIT All versions > V3.0 < V4.0

SIMATIC Reader RF610R ETSI All versions > V3.0 < V4.0

SIMATIC Reader RF610R FCC All versions > V3.0 < V4.0

References

https://cert-portal.siemens.com/productcert/pdf/ssa-78729...

x_refsource_MISC

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jun 8, 2021
Vulnerability Reserved
Apr 15, 2021