Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2021-31895

A vulnerability has been identified in RUGGEDCOM i800 (All versions < V4.3.7), RUGGEDCOM i801 (All versions < V4.3.7), RUGGEDCOM i802 (All versions < V4.3.7), RUGGEDCOM i803 (All versions < V4.3.7), RUGGEDCOM M2100 (All versions < V4.3.7), RUGGEDCOM M2200 (All versions < V4.3.7), RUGGEDCOM M969 (All versions < V4.3.7), RUGGEDCOM RMC30 (All versions < V4.3.7), RUGGEDCOM RMC8388 V4.X (All versions < V4.3.7), RUGGEDCOM RMC8388 V5.X (All versions < V5.5.4), RUGGEDCOM RP110 (All versions < V4.3.7), RUGGEDCOM RS1600 (All versions < V4.3.7), RUGGEDCOM RS1600F (All versions < V4.3.7), RUGGEDCOM RS1600T (All versions < V4.3.7), RUGGEDCOM RS400 (All versions < V4.3.7), RUGGEDCOM RS401 (All versions < V4.3.7), RUGGEDCOM RS416 (All versions < V4.3.7), RUGGEDCOM RS416P (All versions < V4.3.7), RUGGEDCOM RS416Pv2 V4.X (All versions < V4.3.7), RUGGEDCOM RS416Pv2 V5.X (All versions < V5.5.4), RUGGEDCOM RS416v2 V4.X (All versions < V4.3.7), RUGGEDCOM RS416v2 V5.X (All versions < 5.5.4), RUGGEDCOM RS8000 (All versions < V4.3.7), RUGGEDCOM RS8000A (All versions < V4.3.7), RUGGEDCOM RS8000H (All versions < V4.3.7), RUGGEDCOM RS8000T (All versions < V4.3.7), RUGGEDCOM RS900 (32M) V4.X (All versions < V4.3.7), RUGGEDCOM RS900 (32M) V5.X (All versions < V5.5.4), RUGGEDCOM RS900G (All versions < V4.3.7), RUGGEDCOM RS900G (32M) V4.X (All versions < V4.3.7), RUGGEDCOM RS900G (32M) V5.X (All versions < V5.5.4), RUGGEDCOM RS900GP (All versions < V4.3.7), RUGGEDCOM RS900L (All versions < V4.3.7), RUGGEDCOM RS900W (All versions < V4.3.7), RUGGEDCOM RS910 (All versions < V4.3.7), RUGGEDCOM RS910L (All versions < V4.3.7), RUGGEDCOM RS910W (All versions < V4.3.7), RUGGEDCOM RS920L (All versions < V4.3.7), RUGGEDCOM RS920W (All versions < V4.3.7), RUGGEDCOM RS930L (All versions < V4.3.7), RUGGEDCOM RS930W (All versions < V4.3.7), RUGGEDCOM RS940G (All versions < V4.3.7), RUGGEDCOM RS969 (All versions < V4.3.7), RUGGEDCOM RSG2100 (All versions), RUGGEDCOM RSG2100 (32M) V4.X (All versions < V4.3.7), RUGGEDCOM RSG2100 (32M) V5.X (All versions < V5.5.4), RUGGEDCOM RSG2100P (All versions < V4.3.7), RUGGEDCOM RSG2100P (32M) V4.X (All versions < V4.3.7), RUGGEDCOM RSG2100P (32M) V5.X (All versions < V5.5.4), RUGGEDCOM RSG2100PNC (32M) V4.X (All versions < V4.3.7), RUGGEDCOM RSG2100PNC (32M) V5.X (All versions < V5.5.4), RUGGEDCOM RSG2200 (All versions < V4.3.7), RUGGEDCOM RSG2288 V4.X (All versions < V4.3.7), RUGGEDCOM RSG2288 V5.X (All versions < V5.5.4), RUGGEDCOM RSG2300 V4.X (All versions < V4.3.7), RUGGEDCOM RSG2300 V5.X (All versions < V5.5.4), RUGGEDCOM RSG2300P V4.X (All versions < V4.3.7), RUGGEDCOM RSG2300P V5.X (All versions < V5.5.4), RUGGEDCOM RSG2488 V4.X (All versions < V4.3.7), RUGGEDCOM RSG2488 V5.X (All versions < V5.5.4), RUGGEDCOM RSG907R (All versions < V5.5.4), RUGGEDCOM RSG908C (All versions < V5.5.4), RUGGEDCOM RSG909R (All versions < V5.5.4), RUGGEDCOM RSG910C (All versions < V5.5.4), RUGGEDCOM RSG920P V4.X (All versions < V4.3.7), RUGGEDCOM RSG920P V5.X (All versions < V5.5.4), RUGGEDCOM RSL910 (All versions < V5.5.4), RUGGEDCOM RST2228 (All versions < V5.5.4), RUGGEDCOM RST2228P (All versions < V5.5.4), RUGGEDCOM RST916C (All versions < V5.5.4), RUGGEDCOM RST916P (All versions < V5.5.4). The DHCP client in affected devices fails to properly sanitize incoming DHCP packets. This could allow an unauthenticated remote attacker to cause memory to be overwritten, potentially allowing remote code execution.

Published

2021-07-13T11:15:09.677

Last Modified

2025-05-13T10:15:17.910

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 8.1 (HIGH)

CVSSv2 Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: PARTIAL
Availability Impact: PARTIAL

Exploitability Score

10.0

Impact Score

6.4

Weaknesses

Type: Secondary
CWE-120
Type: Primary
CWE-787

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	siemens	ruggedcom_ros_i800	< 4.3.7	Yes
Hardware	siemens	ruggedcom_i800	-	No
Operating System	siemens	ruggedcom_ros_i801	< 4.3.7	Yes
Hardware	siemens	ruggedcom_i801	-	No
Operating System	siemens	ruggedcom_ros_i802	< 4.3.7	Yes
Hardware	siemens	ruggedcom_i802	-	No
Operating System	siemens	ruggedcom_ros_i803	< 4.3.7	Yes
Hardware	siemens	ruggedcom_i803	-	No
Operating System	siemens	ruggedcom_ros_m969	< 4.3.7	Yes
Hardware	siemens	ruggedcom_m969	-	No
Operating System	siemens	ruggedcom_ros_m2100	< 4.3.7	Yes
Hardware	siemens	ruggedcom_m2100	-	No
Operating System	siemens	ruggedcom_ros_m2200	< 4.3.7	Yes
Hardware	siemens	ruggedcom_m2200	-	No
Operating System	siemens	ruggedcom_ros_rmc	< 4.3.7	Yes
Hardware	siemens	ruggedcom_rmc	-	No
Operating System	siemens	ruggedcom_ros_rmc20	< 4.3.7	Yes
Hardware	siemens	ruggedcom_rmc20	-	No
Operating System	siemens	ruggedcom_ros_rmc30	< 4.3.7	Yes
Hardware	siemens	ruggedcom_rmc30	-	No
Operating System	siemens	ruggedcom_ros_rmc40	< 4.3.7	Yes
Hardware	siemens	ruggedcom_rmc40	-	No
Operating System	siemens	ruggedcom_ros_rmc41	< 4.3.7	Yes
Hardware	siemens	ruggedcom_rmc41	-	No
Operating System	siemens	ruggedcom_ros_rmc8388	< 4.3.7	Yes
Operating System	siemens	ruggedcom_ros_rmc8388	< 5.5.4	Yes
Hardware	siemens	ruggedcom_rmc8388	-	No
Operating System	siemens	ruggedcom_ros_rp110	< 4.3.7	Yes
Hardware	siemens	ruggedcom_rp110	-	No
Operating System	siemens	ruggedcom_ros_rs400	< 4.3.7	Yes
Hardware	siemens	ruggedcom_rs400	-	No
Operating System	siemens	ruggedcom_ros_rs401	< 4.3.7	Yes
Hardware	siemens	ruggedcom_rs401	-	No
Operating System	siemens	ruggedcom_ros_rs416	< 4.3.7	Yes
Hardware	siemens	ruggedcom_rs416	-	No
Operating System	siemens	ruggedcom_ros_rs416v2	< 4.3.7	Yes
Operating System	siemens	ruggedcom_ros_rs416v2	< 5.5.4	Yes
Hardware	siemens	ruggedcom_rs416v2	-	No
Operating System	siemens	ruggedcom_ros_rs900	< 4.3.7	Yes
Operating System	siemens	ruggedcom_ros_rs900	< 5.5.4	Yes
Hardware	siemens	ruggedcom_rs900	-	No
Operating System	siemens	ruggedcom_ros_rs900g	< 4.3.7	Yes
Operating System	siemens	ruggedcom_ros_rs900g	< 5.5.4	Yes
Hardware	siemens	ruggedcom_rs900g	-	No
Operating System	siemens	ruggedcom_ros_rs900gp	< 4.3.7	Yes
Hardware	siemens	ruggedcom_rs900gp	-	No
Operating System	siemens	ruggedcom_ros_rs900l	< 4.3.7	Yes
Hardware	siemens	ruggedcom_rs900l	-	No
Operating System	siemens	ruggedcom_ros_rs900w	< 4.3.7	Yes
Hardware	siemens	ruggedcom_rs900w	-	No
Operating System	siemens	ruggedcom_ros_rs910	< 4.3.7	Yes
Hardware	siemens	ruggedcom_rs910	-	No
Operating System	siemens	ruggedcom_ros_rs910l	< 4.3.7	Yes
Hardware	siemens	ruggedcom_rs910l	-	No
Operating System	siemens	ruggedcom_ros_rs910w	< 4.3.7	Yes
Hardware	siemens	ruggedcom_rs910w	-	No
Operating System	siemens	ruggedcom_ros_rs920l	< 4.3.7	Yes
Hardware	siemens	ruggedcom_rs920l	-	No
Operating System	siemens	ruggedcom_ros_rs920w	< 4.3.7	Yes
Hardware	siemens	ruggedcom_rs920w	-	No
Operating System	siemens	ruggedcom_ros_rs930l	< 4.3.7	Yes
Hardware	siemens	ruggedcom_rs930l	-	No
Operating System	siemens	ruggedcom_ros_rs930w	< 4.3.7	Yes
Hardware	siemens	ruggedcom_rs930w	-	No
Operating System	siemens	ruggedcom_ros_rs940g	< 4.3.7	Yes
Hardware	siemens	ruggedcom_rs940g	-	No
Operating System	siemens	ruggedcom_ros_rs969	< 4.3.7	Yes
Hardware	siemens	ruggedcom_rs969	-	No
Operating System	siemens	ruggedcom_ros_rs8000	< 4.3.7	Yes
Hardware	siemens	ruggedcom_rs8000	-	No
Operating System	siemens	ruggedcom_ros_rs8000a	< 4.3.7	Yes
Hardware	siemens	ruggedcom_rs8000a	-	No
Operating System	siemens	ruggedcom_ros_rs8000h	< 4.3.7	Yes
Hardware	siemens	ruggedcom_rs8000h	-	No
Operating System	siemens	ruggedcom_ros_rs8000t	< 4.3.7	Yes
Hardware	siemens	ruggedcom_rs8000t	-	No
Operating System	siemens	ruggedcom_ros_rsg900	< 4.3.7	Yes
Operating System	siemens	ruggedcom_ros_rsg900	< 5.5.4	Yes
Hardware	siemens	ruggedcom_rsg900	-	No
Operating System	siemens	ruggedcom_ros_rsg900c	< 5.5.4	Yes
Hardware	siemens	ruggedcom_rsg900c	-	No
Operating System	siemens	ruggedcom_ros_rsg900g	< 4.3.7	Yes
Operating System	siemens	ruggedcom_ros_rsg900g	< 5.5.4	Yes
Hardware	siemens	ruggedcom_rsg900g	-	No
Operating System	siemens	ruggedcom_ros_rsg900r	< 5.5.4	Yes
Hardware	siemens	ruggedcom_rsg900r	-	No
Operating System	siemens	ruggedcom_ros_rsg920p	< 4.3.7	Yes
Operating System	siemens	ruggedcom_ros_rsg920p	< 5.5.4	Yes
Hardware	siemens	ruggedcom_rsg920p	-	No
Operating System	siemens	ruggedcom_ros_rsg2100	< 4.3.7	Yes
Operating System	siemens	ruggedcom_ros_rsg2100	< 5.5.4	Yes
Hardware	siemens	ruggedcom_rsg2100	-	No
Operating System	siemens	ruggedcom_ros_rsg2100p	< 4.3.7	Yes
Operating System	siemens	ruggedcom_ros_rsg2100p	< 5.3.4	Yes
Hardware	siemens	ruggedcom_rsg2100p	-	No
Operating System	siemens	ruggedcom_ros_rsg2200	< 4.3.7	Yes
Hardware	siemens	ruggedcom_rsg2200	-	No
Operating System	siemens	ruggedcom_ros_rsg2288	< 4.3.7	Yes
Operating System	siemens	ruggedcom_ros_rsg2288	< 5.5.4	Yes
Hardware	siemens	ruggedcom_rsg2288	-	No
Operating System	siemens	ruggedcom_ros_rsg2300	< 4.3.7	Yes
Operating System	siemens	ruggedcom_ros_rsg2300	< 5.3.4	Yes
Hardware	siemens	ruggedcom_rsg2300	-	No
Operating System	siemens	ruggedcom_ros_rsg2300p	< 4.3.7	Yes
Operating System	siemens	ruggedcom_ros_rsg2300p	< 5.5.4	Yes
Hardware	siemens	ruggedcom_rsg2300p	-	No
Operating System	siemens	ruggedcom_ros_rsg2488	< 4.3.7	Yes
Operating System	siemens	ruggedcom_ros_rsg2488	< 5.5.4	Yes
Hardware	siemens	ruggedcom_rsg2488	-	No
Operating System	siemens	ruggedcom_ros_rsl910	< 5.5.4	Yes
Hardware	siemens	ruggedcom_rsl910	-	No
Operating System	siemens	ruggedcom_ros_rst916c	< 5.5.4	Yes
Hardware	siemens	ruggedcom_rst916c	-	No
Operating System	siemens	ruggedcom_ros_rst916p	< 5.5.4	Yes
Hardware	siemens	ruggedcom_rst916p	-	No
Operating System	siemens	ruggedcom_ros_rst2228	< 5.5.4	Yes
Hardware	siemens	ruggedcom_rst2228	-	No

References

https://cert-portal.siemens.com/productcert/html/ssa-373591.html ([email protected])
https://cert-portal.siemens.com/productcert/pdf/ssa-373591.pdf Vendor Advisory ([email protected])
https://cert-portal.siemens.com/productcert/pdf/ssa-373591.pdf Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)