RSS   Podatności dla 'Nucleus readystart'   RSS

2021-04-22
 
CVE-2021-27393

CWE-330
 

 
A vulnerability has been identified in Nucleus NET (All versions), Nucleus RTOS (versions including affected DNS modules), Nucleus ReadyStart (All versions < V2013.08), Nucleus Source Code (versions including affected DNS modules), VSTAR (versions including affected DNS modules). The DNS client does not properly randomize UDP port numbers of DNS requests. That could allow an attacker to poison the DNS cache or spoof DNS resolving.

 
 
CVE-2021-25677

CWE-330
 

 
A vulnerability has been identified in Nucleus 4 (All versions < V4.1.0), Nucleus NET (All versions), Nucleus RTOS (versions including affected DNS modules), Nucleus ReadyStart (All versions < V2017.02.3), Nucleus Source Code (versions including affected DNS modules), SIMOTICS CONNECT 400 (All versions < V0.5.0.0), SIMOTICS CONNECT 400 (All versions >= V0.5.0.0), VSTAR (versions including affected DNS modules). The DNS client does not properly randomize DNS transaction IDs. That could allow an attacker to poison the DNS cache or spoof DNS resolving.

 
 
CVE-2021-25664

CWE-835
 

 
A vulnerability has been identified in Nucleus 4 (All versions < V4.1.0), Nucleus NET (All versions), Nucleus ReadyStart (All versions), Nucleus Source Code (versions including affected IPv6 stack), VSTAR (versions including affected IPv6 stack). The function that processes the Hop-by-Hop extension header in IPv6 packets and its options lacks any checks against the length field of the header, allowing attackers to put the function into an infinite loop by supplying arbitrary length values.

 
 
CVE-2021-25663

CWE-835
 

 
A vulnerability has been identified in Nucleus 4 (All versions < V4.1.0), Nucleus NET (All versions), Nucleus ReadyStart (All versions), Nucleus Source Code (versions including affected IPv6 stack), VSTAR (versions including affected IPv6 stack). The function that processes IPv6 headers does not check the lengths of extension header options, allowing attackers to put this function into an infinite loop with crafted length values.

 
 
CVE-2020-27738

CWE-119
 

 
A vulnerability has been identified in Nucleus 4 (All versions < V4.1.0), Nucleus NET (All versions), Nucleus RTOS (versions including affected DNS modules), Nucleus ReadyStart (All versions < V2017.02.3), Nucleus Source Code (versions including affected DNS modules), SIMOTICS CONNECT 400 (All versions < V0.5.0.0), VSTAR (versions including affected DNS modules). The DNS domain name record decompression functionality does not properly validate the pointer offset values. The parsing of malformed responses could result in a read access past the end of an allocated structure. An attacker with a privileged position in the network could leverage this vulnerability to cause a denial-of-service condition.

 
 
CVE-2020-27737

CWE-125
 

 
A vulnerability has been identified in Nucleus 4 (All versions < V4.1.0), Nucleus NET (All versions), Nucleus RTOS (versions including affected DNS modules), Nucleus ReadyStart (All versions < V2017.02.3), Nucleus Source Code (versions including affected DNS modules), SIMOTICS CONNECT 400 (All versions < V0.5.0.0), VSTAR (versions including affected DNS modules). The DNS response parsing functionality does not properly validate various length and counts of the records. The parsing of malformed responses could result in a read past the end of an allocated structure. An attacker with a privileged position in the network could leverage this vulnerability to cause a denial-of-service condition or leak the memory past the allocated structure.

 
 
CVE-2020-27736

CWE-170
 

 
A vulnerability has been identified in Nucleus 4 (All versions < V4.1.0), Nucleus NET (All versions), Nucleus RTOS (versions including affected DNS modules), Nucleus ReadyStart (All versions < V2017.02.3), Nucleus Source Code (versions including affected DNS modules), SIMOTICS CONNECT 400 (All versions < V0.5.0.0), VSTAR (versions including affected DNS modules). The DNS domain name label parsing functionality does not properly validate the null-terminated name in DNS-responses. The parsing of malformed responses could result in a read past the end of an allocated structure. An attacker with a privileged position in the network could leverage this vulnerability to cause a denial-of-service condition or leak the read memory.

 
2020-01-16
 
CVE-2019-13939

CWE-20
 

 
A vulnerability has been identified in Nucleus NET (All versions), Nucleus RTOS (All versions), Nucleus ReadyStart for ARM, MIPS, and PPC (All versions < V2017.02.2 with patch "Nucleus 2017.02.02 Nucleus NET Patch"), Nucleus SafetyCert (All versions), Nucleus Source Code (All versions), VSTAR (All versions). By sending specially crafted DHCP packets to a device, an attacker may be able to affect availability and integrity of the device. Adjacent network access, but no authentication and no user interaction is needed to conduct this attack. At the time of advisory publication no public exploitation of this security vulnerability was known.

 

 >>> Vendor: Siemens 588 Produkty
Reliant unix
Hinet lp
3568i wap
M45
S45
S55
Santis 50
Speedstream wireless router
Gigaset se361 wlan router
Speedstream 6520
Speedstream 5200
Gigaset wlan camera
Gigaset c450 ip
Gigaset c475 ip
Gigaset se461 wimax router
Simatic pcs 7
Simatic wincc
Simatic wincc flexible runtime
Simatic wincc runtime
Tecnomatix factorylink
Simatic hmi panels
Wincc
Wincc flexible
Wincc flexible runtime
Wincc runtime advanced
Automation license manager
Scalance s firmware
Scalance s602
Scalance s612
Scalance s613
Scalance x-300 firmware
Scalance x-300eec firmware
Scalance x308-2m firmware
Scalance x414-3e firmware
Scalance xr-300 firmware
Scalance x-300
Scalance x-300eec
Scalance x308-2m
Scalance x414-3e
Scalance xr-300
Simatic pcs7
Simatic step 7
Simatic s7-400 cpu 412-2 pn
Simatic s7-400 cpu 414-3 pn/dp
Simatic s7-400 cpu 414f-3 pn/dp
Simatic s7-400 cpu 416-3 pn/dp
Simatic s7-400 cpu 416f-3 pn/dp
Simatic s7-400 cpu firmware
Synco ozw web server
Synco ozw web server firmware
Comos
Simatic s7-1200 plc
Sipass integrated
Processsuite
ROS
Rox i os
Rox ii os
Ruggedmax os
Simatic rf-manager
Simatic rf-manager 2008
Wincc tia portal
Scalance x204irt
Scalance x202-2irt
Scalance x202-2p irt
Scalance x201-3p irt
Scalance x200-4p irt
Scalance xf204irt
Scalance x200irt firmware
Openscape session border controller
Enterprise openscape branch
Scalance w744-1
Scalance w744-1pro
Scalance w746-1
Scalance w746-1pro
Scalance w747-1
Scalance w747-1rr
Scalance w784-1
Scalance w784-1rr
Scalance w786-1pro
Scalance w786-2pro
Scalance w786-2rr
Scalance w786-3pro
Scalance w788-1pro
Scalance w788-1rr
Scalance w788-2pro
Scalance w788-2rr
Scalance w700 series firmware
Scalance x-200
Scalance x-200rna
Scalance xf-200
Scalance x-200 series firmware
Sinamics g110
Sinamics g110d
Sinamics g120
Sinamics g120c
Sinamics g120d
Sinamics g120p
Sinamics g130
Sinamics g150
Sinamics g180
Zobacz wszystkie produkty dla producenta Siemens


Copyright 2021, cxsecurity.com

 

Back to Top