Denial-of-Service Vulnerability in SINUMERIK 808D and 828D by Siemens
CVE-2021-37199

7.5HIGH

Key Information:

Vendor: Siemens
Status: Sinumerik 808d; Sinumerik 828d
Vendor: CVE Published:; 12 October 2021

What is CVE-2021-37199?

Siemens' SINUMERIK 808D and 828D products are affected by a vulnerability that occurs when the devices fail to properly process certain specially crafted packets sent to port 102/tcp. This flaw enables attackers to disrupt the normal operation of the device, potentially leading to a denial-of-service scenario. It is critical for users of these devices to be aware of this issue and take necessary steps to protect their systems.

Affected Version(s)

SINUMERIK 808D All versions

SINUMERIK 828D All versions < V4.95

References

https://cert-portal.siemens.com/productcert/pdf/ssa-17838...

x_refsource_MISC

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 12, 2021
Vulnerability Reserved
Jul 21, 2021