Information Leak and Denial of Service in Capital Embedded AR and SIMOTICS Products
CVE-2021-31889

7.5HIGH

Key Information:

Vendor: Siemens
Status: Capital Embedded Ar Classic 431-422; Capital Embedded Ar Classic R20-11; Pluscontrol 1st Gen; Simotics Connect 400
Vendor: CVE Published:; 9 November 2021

What is CVE-2021-31889?

A vulnerability affecting Siemens products has been identified, specifically in Capital Embedded AR Classic and SIMOTICS CONNECT 400 series. Attackers can exploit malformed TCP packets containing a corrupted SACK option, potentially leading to information leaks and denial-of-service conditions. This issue affects all versions of Capital Embedded AR Classic 431-422, as well as specific versions of Capital Embedded AR Classic R20-11, PLUSCONTROL 1st Gen, and SIMOTICS CONNECT 400. Users are advised to take proper defensive measures to mitigate associated risks.

Affected Version(s)

Capital Embedded AR Classic 431-422 0

Capital Embedded AR Classic R20-11 0

PLUSCONTROL 1st Gen All versions

References

https://cert-portal.siemens.com/productcert/pdf/ssa-11458...

x_refsource_MISC

https://cert-portal.siemens.com/productcert/pdf/ssa-04411...

x_refsource_MISC

https://cert-portal.siemens.com/productcert/pdf/ssa-62028...

x_refsource_MISC

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 9, 2021
Vulnerability Reserved
Apr 29, 2021