Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2021-29998

An issue was discovered in Wind River VxWorks before 6.5. There is a possible heap overflow in dhcp client.

Published

2021-04-13T17:15:12.310

Last Modified

2024-11-21T06:02:08.550

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 9.8 (CRITICAL)

CVSSv2 Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: PARTIAL
Availability Impact: PARTIAL

Exploitability Score

10.0

Impact Score

6.4

Weaknesses

Type: Primary
CWE-787

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	windriver	vxworks	< 6.5	Yes
Operating System	siemens	ruggedcom_win_subscriber_station_firmware	*	Yes
Hardware	siemens	ruggedcom_win_subscriber_station	-	No
Operating System	siemens	scalance_x200-4_p_irt_firmware	*	Yes
Hardware	siemens	scalance_x200-4_p_irt	-	No
Operating System	siemens	scalance_x201-3p_irt_firmware	*	Yes
Hardware	siemens	scalance_x201-3p_irt	-	No
Operating System	siemens	scalance_x201-3p_irt_pro_firmware	*	Yes
Hardware	siemens	scalance_x201-3p_irt_pro	-	No
Operating System	siemens	scalance_x202-2_irt_firmware	*	Yes
Hardware	siemens	scalance_x202-2_irt	-	No
Operating System	siemens	scalance_x202-2p_irt_firmware	*	Yes
Hardware	siemens	scalance_x202-2p_irt	-	No
Operating System	siemens	scalance_x202-2p_irt_pro_firmware	*	Yes
Hardware	siemens	scalance_x202-2p_irt_pro	-	No
Operating System	siemens	scalance_x204_irt_firmware	*	Yes
Hardware	siemens	scalance_x204_irt	-	No
Operating System	siemens	scalance_x204_irt_pro_firmware	*	Yes
Hardware	siemens	scalance_x204_irt_pro	-	No
Operating System	siemens	scalance_x204-2_firmware	*	Yes
Hardware	siemens	scalance_x204-2	-	No
Operating System	siemens	scalance_x204-2fm_firmware	*	Yes
Hardware	siemens	scalance_x204-2fm	-	No
Operating System	siemens	scalance_x204-2ld_firmware	*	Yes
Hardware	siemens	scalance_x204-2ld	-	No
Operating System	siemens	scalance_x204-2ld_ts_firmware	*	Yes
Hardware	siemens	scalance_x204-2ld_ts	-	No
Operating System	siemens	scalance_x204-2ts_firmware	*	Yes
Hardware	siemens	scalance_x204-2ts	-	No
Operating System	siemens	scalance_x206-1_firmware	*	Yes
Hardware	siemens	scalance_x206-1	-	No
Operating System	siemens	scalance_x206-1ld_firmware	*	Yes
Hardware	siemens	scalance_x206-1ld	-	No
Operating System	siemens	scalance_x208_firmware	*	Yes
Hardware	siemens	scalance_x208	-	No
Operating System	siemens	scalance_x208_pro_firmware	*	Yes
Hardware	siemens	scalance_x208_pro	-	No
Operating System	siemens	scalance_x212-2_firmware	*	Yes
Hardware	siemens	scalance_x212-2	-	No
Operating System	siemens	scalance_x212-2ld_firmware	*	Yes
Hardware	siemens	scalance_x212-2ld	-	No
Operating System	siemens	scalance_x216_firmware	*	Yes
Hardware	siemens	scalance_x216	-	No
Operating System	siemens	scalance_x224_firmware	*	Yes
Hardware	siemens	scalance_x224	-	No
Operating System	siemens	scalance_x300_firmware	*	Yes
Hardware	siemens	scalance_x300	-	No
Operating System	siemens	scalance_x408_firmware	*	Yes
Hardware	siemens	scalance_x408	-	No
Operating System	siemens	scalance_xf201-3p_irt_firmware	*	Yes
Hardware	siemens	scalance_xf201-3p_irt	-	No
Operating System	siemens	scalance_xf202-2p_irt_firmware	*	Yes
Hardware	siemens	scalance_xf202-2p_irt	-	No
Operating System	siemens	scalance_xf204_firmware	*	Yes
Hardware	siemens	scalance_xf204	-	No
Operating System	siemens	scalance_xf204_irt_firmware	*	Yes
Hardware	siemens	scalance_xf204_irt	-	No
Operating System	siemens	scalance_xf204-2_firmware	*	Yes
Hardware	siemens	scalance_xf204-2	-	No
Operating System	siemens	scalance_xf204-2ba_irt_firmware	*	Yes
Hardware	siemens	scalance_xf204-2ba_irt	-	No
Operating System	siemens	scalance_xf206-1_firmware	*	Yes
Hardware	siemens	scalance_xf206-1	-	No
Operating System	siemens	scalance_xf208_firmware	*	Yes
Hardware	siemens	scalance_xf208	-	No
Operating System	siemens	simatic_rf_181_eip_firmware	*	Yes
Hardware	siemens	simatic_rf_181_eip	-	No
Operating System	siemens	simatic_rf_182c_firmware	*	Yes
Hardware	siemens	simatic_rf_182c	-	No
Operating System	siemens	sinamics_perfect_harmony_gh180_firmware	< 2022	Yes
Hardware	siemens	sinamics_perfect_harmony_gh180	-	No

References

https://cert-portal.siemens.com/productcert/pdf/ssa-560465.pdf Third Party Advisory ([email protected])
https://cert-portal.siemens.com/productcert/pdf/ssa-910883.pdf Third Party Advisory ([email protected])
https://support2.windriver.com/index.php?page=security-notices Vendor Advisory ([email protected])
https://us-cert.cisa.gov/ics/advisories/icsa-21-194-12 Third Party Advisory, US Government Resource ([email protected])
https://cert-portal.siemens.com/productcert/pdf/ssa-560465.pdf Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://cert-portal.siemens.com/productcert/pdf/ssa-910883.pdf Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://support2.windriver.com/index.php?page=security-notices Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://us-cert.cisa.gov/ics/advisories/icsa-21-194-12 Third Party Advisory, US Government Resource (af854a3a-2127-422b-91ae-364da2661108)