Search criteria
27 vulnerabilities found for nichestack by hcc-embedded
FKIE_CVE-2021-36762
Vulnerability from fkie_nvd - Published: 2021-08-19 12:15 - Updated: 2024-11-21 06:14
Severity ?
Summary
An issue was discovered in HCC Embedded InterNiche NicheStack through 4.3. The tfshnd():tftpsrv.c TFTP packet processing function doesn't ensure that a filename is adequately '\0' terminated; therefore, a subsequent call to strlen for the filename might read out of bounds of the protocol packet buffer (if no '\0' byte exists within a reasonable range).
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | https://www.forescout.com/blog/new-critical-operational-technology-vulnerabilities-found-on-nichestack/ | Mitigation, Third Party Advisory | |
| cve@mitre.org | https://www.hcc-embedded.com/about/about-interniche | Product | |
| cve@mitre.org | https://www.kb.cert.org/vuls/id/608209 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.forescout.com/blog/new-critical-operational-technology-vulnerabilities-found-on-nichestack/ | Mitigation, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.hcc-embedded.com/about/about-interniche | Product | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.kb.cert.org/vuls/id/608209 | Third Party Advisory, US Government Resource |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hcc-embedded | nichestack | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hcc-embedded:nichestack:*:*:*:*:*:*:*:*",
"matchCriteriaId": "36A27EF5-D19C-4126-850C-89387A7A1410",
"versionEndExcluding": "4.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in HCC Embedded InterNiche NicheStack through 4.3. The tfshnd():tftpsrv.c TFTP packet processing function doesn\u0027t ensure that a filename is adequately \u0027\\0\u0027 terminated; therefore, a subsequent call to strlen for the filename might read out of bounds of the protocol packet buffer (if no \u0027\\0\u0027 byte exists within a reasonable range)."
},
{
"lang": "es",
"value": "Se ha detectado un problema en HCC Embedded InterNicheStack versiones hasta 4.3. La funci\u00f3n packet processing TFTP tfshnd():tftpsrv.c no asegura que un nombre de archivo est\u00e9 apropiadamente terminado en \"\\0\"; por lo tanto, una llamada posterior a strlen para el nombre de archivo podr\u00eda leer fuera de l\u00edmites del b\u00fafer de paquetes del protocolo (si no presenta ning\u00fan byte \"\\0\" dentro de un rango razonable)."
}
],
"id": "CVE-2021-36762",
"lastModified": "2024-11-21T06:14:02.443",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.8,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-08-19T12:15:09.133",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Mitigation",
"Third Party Advisory"
],
"url": "https://www.forescout.com/blog/new-critical-operational-technology-vulnerabilities-found-on-nichestack/"
},
{
"source": "cve@mitre.org",
"tags": [
"Product"
],
"url": "https://www.hcc-embedded.com/about/about-interniche"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.kb.cert.org/vuls/id/608209"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Third Party Advisory"
],
"url": "https://www.forescout.com/blog/new-critical-operational-technology-vulnerabilities-found-on-nichestack/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
],
"url": "https://www.hcc-embedded.com/about/about-interniche"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.kb.cert.org/vuls/id/608209"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2021-31401
Vulnerability from fkie_nvd - Published: 2021-08-19 12:15 - Updated: 2024-11-21 06:05
Severity ?
Summary
An issue was discovered in tcp_rcv() in nptcp.c in HCC embedded InterNiche 4.0.1. The TCP header processing code doesn't sanitize the value of the IP total length field (header length + data length). With a crafted IP packet, an integer overflow occurs whenever the value of the IP data length is calculated by subtracting the length of the header from the total length of the IP packet.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | https://cert-portal.siemens.com/productcert/pdf/ssa-789208.pdf | Mitigation, Third Party Advisory | |
| cve@mitre.org | https://www.forescout.com/blog/new-critical-operational-technology-vulnerabilities-found-on-nichestack/ | Mitigation, Third Party Advisory | |
| cve@mitre.org | https://www.kb.cert.org/vuls/id/608209 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/pdf/ssa-789208.pdf | Mitigation, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.forescout.com/blog/new-critical-operational-technology-vulnerabilities-found-on-nichestack/ | Mitigation, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.kb.cert.org/vuls/id/608209 | Third Party Advisory, US Government Resource |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hcc-embedded | nichestack | * | |
| siemens | sentron_3wl_com35_firmware | * | |
| siemens | sentron_3wl_com35 | - | |
| siemens | sentron_3wa_com190_firmware | * | |
| siemens | sentron_3wa_com190 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hcc-embedded:nichestack:*:*:*:*:*:*:*:*",
"matchCriteriaId": "36A27EF5-D19C-4126-850C-89387A7A1410",
"versionEndExcluding": "4.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:sentron_3wl_com35_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "438332F0-E222-48FB-BA95-0A79EAC9E448",
"versionEndExcluding": "1.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:sentron_3wl_com35:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AF6988F4-8734-4B27-AD0B-B91F25654F9A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:sentron_3wa_com190_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B62056DC-DF99-4118-9B22-45E51980CD7F",
"versionEndExcluding": "2.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:sentron_3wa_com190:-:*:*:*:*:*:*:*",
"matchCriteriaId": "797EAA6F-5E8C-4855-87ED-CE4D76D02571",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in tcp_rcv() in nptcp.c in HCC embedded InterNiche 4.0.1. The TCP header processing code doesn\u0027t sanitize the value of the IP total length field (header length + data length). With a crafted IP packet, an integer overflow occurs whenever the value of the IP data length is calculated by subtracting the length of the header from the total length of the IP packet."
},
{
"lang": "es",
"value": "Se ha detectado un problema en la funci\u00f3n tcp_rcv() en el archivo nptcp.c en HCC embedded InterNiche versi\u00f3n 4.0.1. El c\u00f3digo de procesamiento del encabezado TCP no sanea el valor del campo de longitud total de IP (longitud del encabezado + longitud de los datos). Con un paquete IP dise\u00f1ado, se produce un desbordamiento de enteros cuando el valor de la longitud de datos IP se calcula restando la longitud del encabezado de la longitud total del paquete IP."
}
],
"id": "CVE-2021-31401",
"lastModified": "2024-11-21T06:05:35.287",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-08-19T12:15:08.893",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Mitigation",
"Third Party Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-789208.pdf"
},
{
"source": "cve@mitre.org",
"tags": [
"Mitigation",
"Third Party Advisory"
],
"url": "https://www.forescout.com/blog/new-critical-operational-technology-vulnerabilities-found-on-nichestack/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.kb.cert.org/vuls/id/608209"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Third Party Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-789208.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Third Party Advisory"
],
"url": "https://www.forescout.com/blog/new-critical-operational-technology-vulnerabilities-found-on-nichestack/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.kb.cert.org/vuls/id/608209"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2020-35685
Vulnerability from fkie_nvd - Published: 2021-08-19 12:15 - Updated: 2024-11-21 05:27
Severity ?
Summary
An issue was discovered in HCC Nichestack 3.0. The code that generates Initial Sequence Numbers (ISNs) for TCP connections derives the ISN from an insufficiently random source. As a result, an attacker may be able to determine the ISN of current and future TCP connections and either hijack existing ones or spoof future ones. (Proper ISN generation should aim to follow at least the specifications outlined in RFC 6528.)
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | https://cert-portal.siemens.com/productcert/pdf/ssa-789208.pdf | Mitigation, Third Party Advisory | |
| cve@mitre.org | https://www.forescout.com/blog/new-critical-operational-technology-vulnerabilities-found-on-nichestack/ | Mitigation, Third Party Advisory | |
| cve@mitre.org | https://www.hcc-embedded.com | Product | |
| cve@mitre.org | https://www.kb.cert.org/vuls/id/608209 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/pdf/ssa-789208.pdf | Mitigation, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.forescout.com/blog/new-critical-operational-technology-vulnerabilities-found-on-nichestack/ | Mitigation, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.hcc-embedded.com | Product | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.kb.cert.org/vuls/id/608209 | Third Party Advisory, US Government Resource |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hcc-embedded | nichestack | 3.0 | |
| siemens | sentron_3wa_com190_firmware | * | |
| siemens | sentron_3wa_com190 | - | |
| siemens | sentron_3wl_com35_firmware | * | |
| siemens | sentron_3wl_com35 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hcc-embedded:nichestack:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "22916BA2-C530-46C0-9C4E-1C0342C9089E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:sentron_3wa_com190_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B62056DC-DF99-4118-9B22-45E51980CD7F",
"versionEndExcluding": "2.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:sentron_3wa_com190:-:*:*:*:*:*:*:*",
"matchCriteriaId": "797EAA6F-5E8C-4855-87ED-CE4D76D02571",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:sentron_3wl_com35_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "438332F0-E222-48FB-BA95-0A79EAC9E448",
"versionEndExcluding": "1.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:sentron_3wl_com35:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AF6988F4-8734-4B27-AD0B-B91F25654F9A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in HCC Nichestack 3.0. The code that generates Initial Sequence Numbers (ISNs) for TCP connections derives the ISN from an insufficiently random source. As a result, an attacker may be able to determine the ISN of current and future TCP connections and either hijack existing ones or spoof future ones. (Proper ISN generation should aim to follow at least the specifications outlined in RFC 6528.)"
},
{
"lang": "es",
"value": "Se ha detectado un problema en HCC Nichestack versi\u00f3n 3.0. El c\u00f3digo que genera Initial Sequence Numbers (ISN) para las conexiones TCP deriva el ISN de una fuente insuficientemente aleatoria. Como resultado, un atacante puede ser capaz de determinar el ISN de las conexiones TCP actuales y futuras y secuestrar las existentes o falsificar las futuras. (La generaci\u00f3n apropiada del ISN debe tener como objetivo seguir al menos las especificaciones descritas en el RFC 6528)."
}
],
"id": "CVE-2020-35685",
"lastModified": "2024-11-21T05:27:50.993",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-08-19T12:15:08.217",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Mitigation",
"Third Party Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-789208.pdf"
},
{
"source": "cve@mitre.org",
"tags": [
"Mitigation",
"Third Party Advisory"
],
"url": "https://www.forescout.com/blog/new-critical-operational-technology-vulnerabilities-found-on-nichestack/"
},
{
"source": "cve@mitre.org",
"tags": [
"Product"
],
"url": "https://www.hcc-embedded.com"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.kb.cert.org/vuls/id/608209"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Third Party Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-789208.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Third Party Advisory"
],
"url": "https://www.forescout.com/blog/new-critical-operational-technology-vulnerabilities-found-on-nichestack/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
],
"url": "https://www.hcc-embedded.com"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.kb.cert.org/vuls/id/608209"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-330"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2020-35684
Vulnerability from fkie_nvd - Published: 2021-08-19 12:15 - Updated: 2024-11-21 05:27
Severity ?
Summary
An issue was discovered in HCC Nichestack 3.0. The code that parses TCP packets relies on an unchecked value of the IP payload size (extracted from the IP header) to compute the length of the TCP payload within the TCP checksum computation function. When the IP payload size is set to be smaller than the size of the IP header, the TCP checksum computation function may read out of bounds (a low-impact write-out-of-bounds is also possible).
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | https://cert-portal.siemens.com/productcert/pdf/ssa-789208.pdf | Mitigation, Third Party Advisory | |
| cve@mitre.org | https://www.forescout.com/blog/new-critical-operational-technology-vulnerabilities-found-on-nichestack/ | Mitigation, Third Party Advisory | |
| cve@mitre.org | https://www.hcc-embedded.com | Product | |
| cve@mitre.org | https://www.kb.cert.org/vuls/id/608209 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/pdf/ssa-789208.pdf | Mitigation, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.forescout.com/blog/new-critical-operational-technology-vulnerabilities-found-on-nichestack/ | Mitigation, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.hcc-embedded.com | Product | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.kb.cert.org/vuls/id/608209 | Third Party Advisory, US Government Resource |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hcc-embedded | nichestack | 3.0 | |
| siemens | sentron_3wl_com35_firmware | * | |
| siemens | sentron_3wl_com35 | - | |
| siemens | sentron_3wa_com190_firmware | * | |
| siemens | sentron_3wa_com190 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hcc-embedded:nichestack:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "22916BA2-C530-46C0-9C4E-1C0342C9089E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:sentron_3wl_com35_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "438332F0-E222-48FB-BA95-0A79EAC9E448",
"versionEndExcluding": "1.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:sentron_3wl_com35:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AF6988F4-8734-4B27-AD0B-B91F25654F9A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:sentron_3wa_com190_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B62056DC-DF99-4118-9B22-45E51980CD7F",
"versionEndExcluding": "2.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:sentron_3wa_com190:-:*:*:*:*:*:*:*",
"matchCriteriaId": "797EAA6F-5E8C-4855-87ED-CE4D76D02571",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in HCC Nichestack 3.0. The code that parses TCP packets relies on an unchecked value of the IP payload size (extracted from the IP header) to compute the length of the TCP payload within the TCP checksum computation function. When the IP payload size is set to be smaller than the size of the IP header, the TCP checksum computation function may read out of bounds (a low-impact write-out-of-bounds is also possible)."
},
{
"lang": "es",
"value": "Se ha detectado un problema en HCC Nichestack versi\u00f3n 3.0. El c\u00f3digo que analiza los paquetes TCP se basa en un valor no comprobado del tama\u00f1o de la carga \u00fatil IP (extra\u00eddo del encabezado IP) para calcular la longitud de la carga \u00fatil TCP dentro de la funci\u00f3n de c\u00e1lculo de la suma de comprobaci\u00f3n TCP. Cuando el tama\u00f1o de la carga \u00fatil IP est\u00e1 configurado para ser menor que el tama\u00f1o del encabezado IP, la funci\u00f3n de c\u00e1lculo de la suma de comprobaci\u00f3n TCP puede leer fuera de l\u00edmites (tambi\u00e9n es posible una escritura fuera de l\u00edmites de bajo impacto)."
}
],
"id": "CVE-2020-35684",
"lastModified": "2024-11-21T05:27:50.820",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-08-19T12:15:08.020",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Mitigation",
"Third Party Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-789208.pdf"
},
{
"source": "cve@mitre.org",
"tags": [
"Mitigation",
"Third Party Advisory"
],
"url": "https://www.forescout.com/blog/new-critical-operational-technology-vulnerabilities-found-on-nichestack/"
},
{
"source": "cve@mitre.org",
"tags": [
"Product"
],
"url": "https://www.hcc-embedded.com"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.kb.cert.org/vuls/id/608209"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Third Party Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-789208.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Third Party Advisory"
],
"url": "https://www.forescout.com/blog/new-critical-operational-technology-vulnerabilities-found-on-nichestack/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
],
"url": "https://www.hcc-embedded.com"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.kb.cert.org/vuls/id/608209"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2021-27565
Vulnerability from fkie_nvd - Published: 2021-08-19 12:15 - Updated: 2024-11-21 05:58
Severity ?
Summary
The web server in InterNiche NicheStack through 4.0.1 allows remote attackers to cause a denial of service (infinite loop and networking outage) via an unexpected valid HTTP request such as OPTIONS. This occurs because the HTTP request handler enters a miscoded wbs_loop() debugger hook.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | https://www.forescout.com/blog/new-critical-operational-technology-vulnerabilities-found-on-nichestack/ | Mitigation, Third Party Advisory | |
| cve@mitre.org | https://www.hcc-embedded.com/ | Product | |
| cve@mitre.org | https://www.hcc-embedded.com/about/about-interniche | Product | |
| cve@mitre.org | https://www.kb.cert.org/vuls/id/608209 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.forescout.com/blog/new-critical-operational-technology-vulnerabilities-found-on-nichestack/ | Mitigation, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.hcc-embedded.com/ | Product | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.hcc-embedded.com/about/about-interniche | Product | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.kb.cert.org/vuls/id/608209 | Third Party Advisory, US Government Resource |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hcc-embedded | nichestack | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hcc-embedded:nichestack:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CC60129E-218F-4899-BA1C-C30FDECB11B0",
"versionEndIncluding": "4.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The web server in InterNiche NicheStack through 4.0.1 allows remote attackers to cause a denial of service (infinite loop and networking outage) via an unexpected valid HTTP request such as OPTIONS. This occurs because the HTTP request handler enters a miscoded wbs_loop() debugger hook."
},
{
"lang": "es",
"value": "El servidor web de InterNiche NicheStack versiones hasta 4.0.1, permite a atacantes remotos causar una denegaci\u00f3n de servicio (bucle infinito y corte de red) por medio de una petici\u00f3n HTTP v\u00e1lida inesperada como OPTIONS. Esto ocurre porque el gestor de peticiones HTTP introduce un hook de depuraci\u00f3n wbs_loop() codificado inapropiadamente."
}
],
"id": "CVE-2021-27565",
"lastModified": "2024-11-21T05:58:12.160",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-08-19T12:15:08.627",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Mitigation",
"Third Party Advisory"
],
"url": "https://www.forescout.com/blog/new-critical-operational-technology-vulnerabilities-found-on-nichestack/"
},
{
"source": "cve@mitre.org",
"tags": [
"Product"
],
"url": "https://www.hcc-embedded.com/"
},
{
"source": "cve@mitre.org",
"tags": [
"Product"
],
"url": "https://www.hcc-embedded.com/about/about-interniche"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.kb.cert.org/vuls/id/608209"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Third Party Advisory"
],
"url": "https://www.forescout.com/blog/new-critical-operational-technology-vulnerabilities-found-on-nichestack/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
],
"url": "https://www.hcc-embedded.com/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
],
"url": "https://www.hcc-embedded.com/about/about-interniche"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.kb.cert.org/vuls/id/608209"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-835"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2020-35683
Vulnerability from fkie_nvd - Published: 2021-08-19 12:15 - Updated: 2024-11-21 05:27
Severity ?
Summary
An issue was discovered in HCC Nichestack 3.0. The code that parses ICMP packets relies on an unchecked value of the IP payload size (extracted from the IP header) to compute the ICMP checksum. When the IP payload size is set to be smaller than the size of the IP header, the ICMP checksum computation function may read out of bounds, causing a Denial-of-Service.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | https://cert-portal.siemens.com/productcert/pdf/ssa-789208.pdf | Mitigation, Third Party Advisory | |
| cve@mitre.org | https://www.forescout.com/blog/new-critical-operational-technology-vulnerabilities-found-on-nichestack/ | Mitigation, Third Party Advisory | |
| cve@mitre.org | https://www.hcc-embedded.com | Product | |
| cve@mitre.org | https://www.kb.cert.org/vuls/id/608209 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/pdf/ssa-789208.pdf | Mitigation, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.forescout.com/blog/new-critical-operational-technology-vulnerabilities-found-on-nichestack/ | Mitigation, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.hcc-embedded.com | Product | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.kb.cert.org/vuls/id/608209 | Third Party Advisory, US Government Resource |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hcc-embedded | nichestack | 3.0 | |
| siemens | 7km9300-0ae02-0aa0_firmware | * | |
| siemens | 7km9300-0ae02-0aa0 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hcc-embedded:nichestack:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "22916BA2-C530-46C0-9C4E-1C0342C9089E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:7km9300-0ae02-0aa0_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "894DD35F-1462-4045-AD87-5167B36348DC",
"versionEndExcluding": "3.0.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:7km9300-0ae02-0aa0:-:*:*:*:*:*:*:*",
"matchCriteriaId": "65160F60-7D62-4473-841D-FE60B887A6CD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in HCC Nichestack 3.0. The code that parses ICMP packets relies on an unchecked value of the IP payload size (extracted from the IP header) to compute the ICMP checksum. When the IP payload size is set to be smaller than the size of the IP header, the ICMP checksum computation function may read out of bounds, causing a Denial-of-Service."
},
{
"lang": "es",
"value": "Se ha detectado un problema en HCC Nichestack versi\u00f3n 3.0. El c\u00f3digo que analiza los paquetes ICMP se basa en un valor no comprobado del tama\u00f1o de la carga \u00fatil IP (extra\u00eddo del encabezado IP) para calcular la suma de comprobaci\u00f3n ICMP. Cuando el tama\u00f1o de la carga \u00fatil IP est\u00e1 configurado para ser m\u00e1s peque\u00f1o que el tama\u00f1o del encabezado IP, la funci\u00f3n de c\u00e1lculo de la suma de comprobaci\u00f3n ICMP puede leer fuera de l\u00edmites, causando una Denegaci\u00f3n de Servicio."
}
],
"id": "CVE-2020-35683",
"lastModified": "2024-11-21T05:27:50.590",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-08-19T12:15:07.353",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Mitigation",
"Third Party Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-789208.pdf"
},
{
"source": "cve@mitre.org",
"tags": [
"Mitigation",
"Third Party Advisory"
],
"url": "https://www.forescout.com/blog/new-critical-operational-technology-vulnerabilities-found-on-nichestack/"
},
{
"source": "cve@mitre.org",
"tags": [
"Product"
],
"url": "https://www.hcc-embedded.com"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.kb.cert.org/vuls/id/608209"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Third Party Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-789208.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Third Party Advisory"
],
"url": "https://www.forescout.com/blog/new-critical-operational-technology-vulnerabilities-found-on-nichestack/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
],
"url": "https://www.hcc-embedded.com"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.kb.cert.org/vuls/id/608209"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2021-31228
Vulnerability from fkie_nvd - Published: 2021-08-19 11:15 - Updated: 2024-11-21 06:05
Severity ?
Summary
An issue was discovered in HCC embedded InterNiche 4.0.1. This vulnerability allows the attacker to predict a DNS query's source port in order to send forged DNS response packets that will be accepted as valid answers to the DNS client's requests (without sniffing the specific request). Data is predictable because it is based on the time of day, and has too few bits.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | https://www.forescout.com/blog/new-critical-operational-technology-vulnerabilities-found-on-nichestack/ | Mitigation, Third Party Advisory | |
| cve@mitre.org | https://www.kb.cert.org/vuls/id/608209 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.forescout.com/blog/new-critical-operational-technology-vulnerabilities-found-on-nichestack/ | Mitigation, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.kb.cert.org/vuls/id/608209 | Third Party Advisory, US Government Resource |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hcc-embedded | nichestack | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hcc-embedded:nichestack:*:*:*:*:*:*:*:*",
"matchCriteriaId": "36A27EF5-D19C-4126-850C-89387A7A1410",
"versionEndExcluding": "4.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in HCC embedded InterNiche 4.0.1. This vulnerability allows the attacker to predict a DNS query\u0027s source port in order to send forged DNS response packets that will be accepted as valid answers to the DNS client\u0027s requests (without sniffing the specific request). Data is predictable because it is based on the time of day, and has too few bits."
},
{
"lang": "es",
"value": "Se ha detectado un problema en HCC embedded InterNiche versi\u00f3n 4.0.1. Esta vulnerabilidad permite al atacante predecir el puerto de origen de una consulta DNS para enviar paquetes de respuesta DNS falsos que ser\u00e1n aceptados como respuestas v\u00e1lidas a las peticiones del cliente DNS (sin olfatear la petici\u00f3n espec\u00edfica). Los datos son predecibles porque son basados en la hora del d\u00eda y presentan muy pocos bits."
}
],
"id": "CVE-2021-31228",
"lastModified": "2024-11-21T06:05:20.543",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-08-19T11:15:07.663",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Mitigation",
"Third Party Advisory"
],
"url": "https://www.forescout.com/blog/new-critical-operational-technology-vulnerabilities-found-on-nichestack/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.kb.cert.org/vuls/id/608209"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Third Party Advisory"
],
"url": "https://www.forescout.com/blog/new-critical-operational-technology-vulnerabilities-found-on-nichestack/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.kb.cert.org/vuls/id/608209"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-330"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2021-31227
Vulnerability from fkie_nvd - Published: 2021-08-19 11:15 - Updated: 2024-11-21 06:05
Severity ?
Summary
An issue was discovered in HCC embedded InterNiche 4.0.1. A potential heap buffer overflow exists in the code that parses the HTTP POST request, due to an incorrect signed integer comparison. This vulnerability requires the attacker to send a malformed HTTP packet with a negative Content-Length, which bypasses the size checks and results in a large heap overflow in the wbs_multidata buffer copy.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | https://www.forescout.com/blog/new-critical-operational-technology-vulnerabilities-found-on-nichestack/ | Mitigation, Third Party Advisory | |
| cve@mitre.org | https://www.kb.cert.org/vuls/id/608209 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.forescout.com/blog/new-critical-operational-technology-vulnerabilities-found-on-nichestack/ | Mitigation, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.kb.cert.org/vuls/id/608209 | Third Party Advisory, US Government Resource |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hcc-embedded | nichestack | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hcc-embedded:nichestack:*:*:*:*:*:*:*:*",
"matchCriteriaId": "36A27EF5-D19C-4126-850C-89387A7A1410",
"versionEndExcluding": "4.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in HCC embedded InterNiche 4.0.1. A potential heap buffer overflow exists in the code that parses the HTTP POST request, due to an incorrect signed integer comparison. This vulnerability requires the attacker to send a malformed HTTP packet with a negative Content-Length, which bypasses the size checks and results in a large heap overflow in the wbs_multidata buffer copy."
},
{
"lang": "es",
"value": "Se ha detectado un problema en HCC embedded InterNiche versi\u00f3n 4.0.1. Se presenta un potencial desbordamiento del b\u00fafer de la pila en el c\u00f3digo que analiza la petici\u00f3n HTTP POST, debido a una comparaci\u00f3n incorrecta de enteros con signo. Esta vulnerabilidad requiere que el atacante env\u00ede un paquete HTTP malformado con un Content-Length negativo, que omita las comprobaciones de tama\u00f1o y resulte en un gran desbordamiento de la pila en la copia del buffer wbs_multidata."
}
],
"id": "CVE-2021-31227",
"lastModified": "2024-11-21T06:05:20.403",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-08-19T11:15:07.620",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Mitigation",
"Third Party Advisory"
],
"url": "https://www.forescout.com/blog/new-critical-operational-technology-vulnerabilities-found-on-nichestack/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.kb.cert.org/vuls/id/608209"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Third Party Advisory"
],
"url": "https://www.forescout.com/blog/new-critical-operational-technology-vulnerabilities-found-on-nichestack/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.kb.cert.org/vuls/id/608209"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2021-31400
Vulnerability from fkie_nvd - Published: 2021-08-19 11:15 - Updated: 2024-11-21 06:05
Severity ?
Summary
An issue was discovered in tcp_pulloutofband() in tcp_in.c in HCC embedded InterNiche 4.0.1. The TCP out-of-band urgent-data processing function invokes a panic function if the pointer to the end of the out-of-band data points outside of the TCP segment's data. If the panic function hadn't a trap invocation removed, it will enter an infinite loop and therefore cause DoS (continuous loop or a device reset).
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | https://www.forescout.com/blog/new-critical-operational-technology-vulnerabilities-found-on-nichestack/ | Mitigation, Third Party Advisory | |
| cve@mitre.org | https://www.kb.cert.org/vuls/id/608209 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.forescout.com/blog/new-critical-operational-technology-vulnerabilities-found-on-nichestack/ | Mitigation, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.kb.cert.org/vuls/id/608209 | Third Party Advisory, US Government Resource |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hcc-embedded | nichestack | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hcc-embedded:nichestack:*:*:*:*:*:*:*:*",
"matchCriteriaId": "36A27EF5-D19C-4126-850C-89387A7A1410",
"versionEndExcluding": "4.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in tcp_pulloutofband() in tcp_in.c in HCC embedded InterNiche 4.0.1. The TCP out-of-band urgent-data processing function invokes a panic function if the pointer to the end of the out-of-band data points outside of the TCP segment\u0027s data. If the panic function hadn\u0027t a trap invocation removed, it will enter an infinite loop and therefore cause DoS (continuous loop or a device reset)."
},
{
"lang": "es",
"value": "Se ha detectado un problema en la funci\u00f3n tcp_pulloutofband() en el archivo tcp_in.c en HCC embedded InterNiche versi\u00f3n 4.0.1. La funci\u00f3n de procesamiento de datos urgentes de TCP fuera de banda invoca una funci\u00f3n de p\u00e1nico si el puntero al final de los datos fuera de banda apunta fuera de los datos del segmento TCP. Si la funci\u00f3n de p\u00e1nico no presenta una invocaci\u00f3n de trampa eliminada, entrar\u00e1 en un bucle infinito y por lo tanto causar\u00e1 DoS (bucle continuo o un reinicio del dispositivo)."
}
],
"id": "CVE-2021-31400",
"lastModified": "2024-11-21T06:05:35.140",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-08-19T11:15:07.710",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Mitigation",
"Third Party Advisory"
],
"url": "https://www.forescout.com/blog/new-critical-operational-technology-vulnerabilities-found-on-nichestack/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.kb.cert.org/vuls/id/608209"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Third Party Advisory"
],
"url": "https://www.forescout.com/blog/new-critical-operational-technology-vulnerabilities-found-on-nichestack/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.kb.cert.org/vuls/id/608209"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-835"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2021-31401 (GCVE-0-2021-31401)
Vulnerability from cvelistv5 – Published: 2021-08-19 11:25 – Updated: 2024-08-03 22:55
VLAI?
Summary
An issue was discovered in tcp_rcv() in nptcp.c in HCC embedded InterNiche 4.0.1. The TCP header processing code doesn't sanitize the value of the IP total length field (header length + data length). With a crafted IP packet, an integer overflow occurs whenever the value of the IP data length is calculated by subtracting the length of the header from the total length of the IP packet.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T22:55:53.721Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-789208.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.forescout.com/blog/new-critical-operational-technology-vulnerabilities-found-on-nichestack/"
},
{
"name": "VU#608209",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "https://www.kb.cert.org/vuls/id/608209"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in tcp_rcv() in nptcp.c in HCC embedded InterNiche 4.0.1. The TCP header processing code doesn\u0027t sanitize the value of the IP total length field (header length + data length). With a crafted IP packet, an integer overflow occurs whenever the value of the IP data length is calculated by subtracting the length of the header from the total length of the IP packet."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-19T11:26:03",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-789208.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.forescout.com/blog/new-critical-operational-technology-vulnerabilities-found-on-nichestack/"
},
{
"name": "VU#608209",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "https://www.kb.cert.org/vuls/id/608209"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-31401",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in tcp_rcv() in nptcp.c in HCC embedded InterNiche 4.0.1. The TCP header processing code doesn\u0027t sanitize the value of the IP total length field (header length + data length). With a crafted IP packet, an integer overflow occurs whenever the value of the IP data length is calculated by subtracting the length of the header from the total length of the IP packet."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-789208.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-789208.pdf"
},
{
"name": "https://www.forescout.com/blog/new-critical-operational-technology-vulnerabilities-found-on-nichestack/",
"refsource": "MISC",
"url": "https://www.forescout.com/blog/new-critical-operational-technology-vulnerabilities-found-on-nichestack/"
},
{
"name": "VU#608209",
"refsource": "CERT-VN",
"url": "https://www.kb.cert.org/vuls/id/608209"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-31401",
"datePublished": "2021-08-19T11:25:42",
"dateReserved": "2021-04-15T00:00:00",
"dateUpdated": "2024-08-03T22:55:53.721Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-35685 (GCVE-0-2020-35685)
Vulnerability from cvelistv5 – Published: 2021-08-19 11:21 – Updated: 2024-08-04 17:09
VLAI?
Summary
An issue was discovered in HCC Nichestack 3.0. The code that generates Initial Sequence Numbers (ISNs) for TCP connections derives the ISN from an insufficiently random source. As a result, an attacker may be able to determine the ISN of current and future TCP connections and either hijack existing ones or spoof future ones. (Proper ISN generation should aim to follow at least the specifications outlined in RFC 6528.)
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T17:09:14.933Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.hcc-embedded.com"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-789208.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.forescout.com/blog/new-critical-operational-technology-vulnerabilities-found-on-nichestack/"
},
{
"name": "VU#608209",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "https://www.kb.cert.org/vuls/id/608209"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in HCC Nichestack 3.0. The code that generates Initial Sequence Numbers (ISNs) for TCP connections derives the ISN from an insufficiently random source. As a result, an attacker may be able to determine the ISN of current and future TCP connections and either hijack existing ones or spoof future ones. (Proper ISN generation should aim to follow at least the specifications outlined in RFC 6528.)"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-19T11:21:29",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.hcc-embedded.com"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-789208.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.forescout.com/blog/new-critical-operational-technology-vulnerabilities-found-on-nichestack/"
},
{
"name": "VU#608209",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "https://www.kb.cert.org/vuls/id/608209"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-35685",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in HCC Nichestack 3.0. The code that generates Initial Sequence Numbers (ISNs) for TCP connections derives the ISN from an insufficiently random source. As a result, an attacker may be able to determine the ISN of current and future TCP connections and either hijack existing ones or spoof future ones. (Proper ISN generation should aim to follow at least the specifications outlined in RFC 6528.)"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.hcc-embedded.com",
"refsource": "MISC",
"url": "https://www.hcc-embedded.com"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-789208.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-789208.pdf"
},
{
"name": "https://www.forescout.com/blog/new-critical-operational-technology-vulnerabilities-found-on-nichestack/",
"refsource": "MISC",
"url": "https://www.forescout.com/blog/new-critical-operational-technology-vulnerabilities-found-on-nichestack/"
},
{
"name": "VU#608209",
"refsource": "CERT-VN",
"url": "https://www.kb.cert.org/vuls/id/608209"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-35685",
"datePublished": "2021-08-19T11:21:08",
"dateReserved": "2020-12-24T00:00:00",
"dateUpdated": "2024-08-04T17:09:14.933Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-35684 (GCVE-0-2020-35684)
Vulnerability from cvelistv5 – Published: 2021-08-19 11:19 – Updated: 2024-08-04 17:09
VLAI?
Summary
An issue was discovered in HCC Nichestack 3.0. The code that parses TCP packets relies on an unchecked value of the IP payload size (extracted from the IP header) to compute the length of the TCP payload within the TCP checksum computation function. When the IP payload size is set to be smaller than the size of the IP header, the TCP checksum computation function may read out of bounds (a low-impact write-out-of-bounds is also possible).
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T17:09:14.969Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.hcc-embedded.com"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-789208.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.forescout.com/blog/new-critical-operational-technology-vulnerabilities-found-on-nichestack/"
},
{
"name": "VU#608209",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "https://www.kb.cert.org/vuls/id/608209"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in HCC Nichestack 3.0. The code that parses TCP packets relies on an unchecked value of the IP payload size (extracted from the IP header) to compute the length of the TCP payload within the TCP checksum computation function. When the IP payload size is set to be smaller than the size of the IP header, the TCP checksum computation function may read out of bounds (a low-impact write-out-of-bounds is also possible)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-19T11:19:27",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.hcc-embedded.com"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-789208.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.forescout.com/blog/new-critical-operational-technology-vulnerabilities-found-on-nichestack/"
},
{
"name": "VU#608209",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "https://www.kb.cert.org/vuls/id/608209"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-35684",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in HCC Nichestack 3.0. The code that parses TCP packets relies on an unchecked value of the IP payload size (extracted from the IP header) to compute the length of the TCP payload within the TCP checksum computation function. When the IP payload size is set to be smaller than the size of the IP header, the TCP checksum computation function may read out of bounds (a low-impact write-out-of-bounds is also possible)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.hcc-embedded.com",
"refsource": "MISC",
"url": "https://www.hcc-embedded.com"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-789208.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-789208.pdf"
},
{
"name": "https://www.forescout.com/blog/new-critical-operational-technology-vulnerabilities-found-on-nichestack/",
"refsource": "MISC",
"url": "https://www.forescout.com/blog/new-critical-operational-technology-vulnerabilities-found-on-nichestack/"
},
{
"name": "VU#608209",
"refsource": "CERT-VN",
"url": "https://www.kb.cert.org/vuls/id/608209"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-35684",
"datePublished": "2021-08-19T11:19:01",
"dateReserved": "2020-12-24T00:00:00",
"dateUpdated": "2024-08-04T17:09:14.969Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-35683 (GCVE-0-2020-35683)
Vulnerability from cvelistv5 – Published: 2021-08-19 11:13 – Updated: 2024-08-04 17:09
VLAI?
Summary
An issue was discovered in HCC Nichestack 3.0. The code that parses ICMP packets relies on an unchecked value of the IP payload size (extracted from the IP header) to compute the ICMP checksum. When the IP payload size is set to be smaller than the size of the IP header, the ICMP checksum computation function may read out of bounds, causing a Denial-of-Service.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T17:09:14.934Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.hcc-embedded.com"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-789208.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.forescout.com/blog/new-critical-operational-technology-vulnerabilities-found-on-nichestack/"
},
{
"name": "VU#608209",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "https://www.kb.cert.org/vuls/id/608209"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in HCC Nichestack 3.0. The code that parses ICMP packets relies on an unchecked value of the IP payload size (extracted from the IP header) to compute the ICMP checksum. When the IP payload size is set to be smaller than the size of the IP header, the ICMP checksum computation function may read out of bounds, causing a Denial-of-Service."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-19T11:13:45",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.hcc-embedded.com"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-789208.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.forescout.com/blog/new-critical-operational-technology-vulnerabilities-found-on-nichestack/"
},
{
"name": "VU#608209",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "https://www.kb.cert.org/vuls/id/608209"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-35683",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in HCC Nichestack 3.0. The code that parses ICMP packets relies on an unchecked value of the IP payload size (extracted from the IP header) to compute the ICMP checksum. When the IP payload size is set to be smaller than the size of the IP header, the ICMP checksum computation function may read out of bounds, causing a Denial-of-Service."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.hcc-embedded.com",
"refsource": "MISC",
"url": "https://www.hcc-embedded.com"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-789208.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-789208.pdf"
},
{
"name": "https://www.forescout.com/blog/new-critical-operational-technology-vulnerabilities-found-on-nichestack/",
"refsource": "MISC",
"url": "https://www.forescout.com/blog/new-critical-operational-technology-vulnerabilities-found-on-nichestack/"
},
{
"name": "VU#608209",
"refsource": "CERT-VN",
"url": "https://www.kb.cert.org/vuls/id/608209"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-35683",
"datePublished": "2021-08-19T11:13:13",
"dateReserved": "2020-12-24T00:00:00",
"dateUpdated": "2024-08-04T17:09:14.934Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-36762 (GCVE-0-2021-36762)
Vulnerability from cvelistv5 – Published: 2021-08-19 11:09 – Updated: 2024-08-04 01:01
VLAI?
Summary
An issue was discovered in HCC Embedded InterNiche NicheStack through 4.3. The tfshnd():tftpsrv.c TFTP packet processing function doesn't ensure that a filename is adequately '\0' terminated; therefore, a subsequent call to strlen for the filename might read out of bounds of the protocol packet buffer (if no '\0' byte exists within a reasonable range).
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:01:59.411Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.hcc-embedded.com/about/about-interniche"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.forescout.com/blog/new-critical-operational-technology-vulnerabilities-found-on-nichestack/"
},
{
"name": "VU#608209",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "https://www.kb.cert.org/vuls/id/608209"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in HCC Embedded InterNiche NicheStack through 4.3. The tfshnd():tftpsrv.c TFTP packet processing function doesn\u0027t ensure that a filename is adequately \u0027\\0\u0027 terminated; therefore, a subsequent call to strlen for the filename might read out of bounds of the protocol packet buffer (if no \u0027\\0\u0027 byte exists within a reasonable range)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-19T11:10:24",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.hcc-embedded.com/about/about-interniche"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.forescout.com/blog/new-critical-operational-technology-vulnerabilities-found-on-nichestack/"
},
{
"name": "VU#608209",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "https://www.kb.cert.org/vuls/id/608209"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-36762",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in HCC Embedded InterNiche NicheStack through 4.3. The tfshnd():tftpsrv.c TFTP packet processing function doesn\u0027t ensure that a filename is adequately \u0027\\0\u0027 terminated; therefore, a subsequent call to strlen for the filename might read out of bounds of the protocol packet buffer (if no \u0027\\0\u0027 byte exists within a reasonable range)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.hcc-embedded.com/about/about-interniche",
"refsource": "MISC",
"url": "https://www.hcc-embedded.com/about/about-interniche"
},
{
"name": "https://www.forescout.com/blog/new-critical-operational-technology-vulnerabilities-found-on-nichestack/",
"refsource": "MISC",
"url": "https://www.forescout.com/blog/new-critical-operational-technology-vulnerabilities-found-on-nichestack/"
},
{
"name": "VU#608209",
"refsource": "CERT-VN",
"url": "https://www.kb.cert.org/vuls/id/608209"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-36762",
"datePublished": "2021-08-19T11:09:58",
"dateReserved": "2021-07-16T00:00:00",
"dateUpdated": "2024-08-04T01:01:59.411Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-27565 (GCVE-0-2021-27565)
Vulnerability from cvelistv5 – Published: 2021-08-19 11:04 – Updated: 2024-08-03 21:26
VLAI?
Summary
The web server in InterNiche NicheStack through 4.0.1 allows remote attackers to cause a denial of service (infinite loop and networking outage) via an unexpected valid HTTP request such as OPTIONS. This occurs because the HTTP request handler enters a miscoded wbs_loop() debugger hook.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T21:26:09.982Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.hcc-embedded.com/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.hcc-embedded.com/about/about-interniche"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.forescout.com/blog/new-critical-operational-technology-vulnerabilities-found-on-nichestack/"
},
{
"name": "VU#608209",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "https://www.kb.cert.org/vuls/id/608209"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The web server in InterNiche NicheStack through 4.0.1 allows remote attackers to cause a denial of service (infinite loop and networking outage) via an unexpected valid HTTP request such as OPTIONS. This occurs because the HTTP request handler enters a miscoded wbs_loop() debugger hook."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-19T11:04:45",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.hcc-embedded.com/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.hcc-embedded.com/about/about-interniche"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.forescout.com/blog/new-critical-operational-technology-vulnerabilities-found-on-nichestack/"
},
{
"name": "VU#608209",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "https://www.kb.cert.org/vuls/id/608209"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-27565",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The web server in InterNiche NicheStack through 4.0.1 allows remote attackers to cause a denial of service (infinite loop and networking outage) via an unexpected valid HTTP request such as OPTIONS. This occurs because the HTTP request handler enters a miscoded wbs_loop() debugger hook."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.hcc-embedded.com/",
"refsource": "MISC",
"url": "https://www.hcc-embedded.com/"
},
{
"name": "https://www.hcc-embedded.com/about/about-interniche",
"refsource": "MISC",
"url": "https://www.hcc-embedded.com/about/about-interniche"
},
{
"name": "https://www.forescout.com/blog/new-critical-operational-technology-vulnerabilities-found-on-nichestack/",
"refsource": "MISC",
"url": "https://www.forescout.com/blog/new-critical-operational-technology-vulnerabilities-found-on-nichestack/"
},
{
"name": "VU#608209",
"refsource": "CERT-VN",
"url": "https://www.kb.cert.org/vuls/id/608209"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-27565",
"datePublished": "2021-08-19T11:04:23",
"dateReserved": "2021-02-22T00:00:00",
"dateUpdated": "2024-08-03T21:26:09.982Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-31400 (GCVE-0-2021-31400)
Vulnerability from cvelistv5 – Published: 2021-08-19 10:52 – Updated: 2024-08-03 22:55
VLAI?
Summary
An issue was discovered in tcp_pulloutofband() in tcp_in.c in HCC embedded InterNiche 4.0.1. The TCP out-of-band urgent-data processing function invokes a panic function if the pointer to the end of the out-of-band data points outside of the TCP segment's data. If the panic function hadn't a trap invocation removed, it will enter an infinite loop and therefore cause DoS (continuous loop or a device reset).
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T22:55:53.790Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.forescout.com/blog/new-critical-operational-technology-vulnerabilities-found-on-nichestack/"
},
{
"name": "VU#608209",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "https://www.kb.cert.org/vuls/id/608209"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in tcp_pulloutofband() in tcp_in.c in HCC embedded InterNiche 4.0.1. The TCP out-of-band urgent-data processing function invokes a panic function if the pointer to the end of the out-of-band data points outside of the TCP segment\u0027s data. If the panic function hadn\u0027t a trap invocation removed, it will enter an infinite loop and therefore cause DoS (continuous loop or a device reset)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-19T10:53:20",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.forescout.com/blog/new-critical-operational-technology-vulnerabilities-found-on-nichestack/"
},
{
"name": "VU#608209",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "https://www.kb.cert.org/vuls/id/608209"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-31400",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in tcp_pulloutofband() in tcp_in.c in HCC embedded InterNiche 4.0.1. The TCP out-of-band urgent-data processing function invokes a panic function if the pointer to the end of the out-of-band data points outside of the TCP segment\u0027s data. If the panic function hadn\u0027t a trap invocation removed, it will enter an infinite loop and therefore cause DoS (continuous loop or a device reset)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.forescout.com/blog/new-critical-operational-technology-vulnerabilities-found-on-nichestack/",
"refsource": "MISC",
"url": "https://www.forescout.com/blog/new-critical-operational-technology-vulnerabilities-found-on-nichestack/"
},
{
"name": "VU#608209",
"refsource": "CERT-VN",
"url": "https://www.kb.cert.org/vuls/id/608209"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-31400",
"datePublished": "2021-08-19T10:52:57",
"dateReserved": "2021-04-15T00:00:00",
"dateUpdated": "2024-08-03T22:55:53.790Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-31228 (GCVE-0-2021-31228)
Vulnerability from cvelistv5 – Published: 2021-08-19 10:51 – Updated: 2024-08-03 22:55
VLAI?
Summary
An issue was discovered in HCC embedded InterNiche 4.0.1. This vulnerability allows the attacker to predict a DNS query's source port in order to send forged DNS response packets that will be accepted as valid answers to the DNS client's requests (without sniffing the specific request). Data is predictable because it is based on the time of day, and has too few bits.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T22:55:53.445Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.forescout.com/blog/new-critical-operational-technology-vulnerabilities-found-on-nichestack/"
},
{
"name": "VU#608209",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "https://www.kb.cert.org/vuls/id/608209"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in HCC embedded InterNiche 4.0.1. This vulnerability allows the attacker to predict a DNS query\u0027s source port in order to send forged DNS response packets that will be accepted as valid answers to the DNS client\u0027s requests (without sniffing the specific request). Data is predictable because it is based on the time of day, and has too few bits."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-19T10:51:42",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.forescout.com/blog/new-critical-operational-technology-vulnerabilities-found-on-nichestack/"
},
{
"name": "VU#608209",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "https://www.kb.cert.org/vuls/id/608209"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-31228",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in HCC embedded InterNiche 4.0.1. This vulnerability allows the attacker to predict a DNS query\u0027s source port in order to send forged DNS response packets that will be accepted as valid answers to the DNS client\u0027s requests (without sniffing the specific request). Data is predictable because it is based on the time of day, and has too few bits."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.forescout.com/blog/new-critical-operational-technology-vulnerabilities-found-on-nichestack/",
"refsource": "MISC",
"url": "https://www.forescout.com/blog/new-critical-operational-technology-vulnerabilities-found-on-nichestack/"
},
{
"name": "VU#608209",
"refsource": "CERT-VN",
"url": "https://www.kb.cert.org/vuls/id/608209"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-31228",
"datePublished": "2021-08-19T10:51:21",
"dateReserved": "2021-04-15T00:00:00",
"dateUpdated": "2024-08-03T22:55:53.445Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-31227 (GCVE-0-2021-31227)
Vulnerability from cvelistv5 – Published: 2021-08-19 10:50 – Updated: 2024-08-03 22:55
VLAI?
Summary
An issue was discovered in HCC embedded InterNiche 4.0.1. A potential heap buffer overflow exists in the code that parses the HTTP POST request, due to an incorrect signed integer comparison. This vulnerability requires the attacker to send a malformed HTTP packet with a negative Content-Length, which bypasses the size checks and results in a large heap overflow in the wbs_multidata buffer copy.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T22:55:53.274Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.forescout.com/blog/new-critical-operational-technology-vulnerabilities-found-on-nichestack/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.kb.cert.org/vuls/id/608209"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in HCC embedded InterNiche 4.0.1. A potential heap buffer overflow exists in the code that parses the HTTP POST request, due to an incorrect signed integer comparison. This vulnerability requires the attacker to send a malformed HTTP packet with a negative Content-Length, which bypasses the size checks and results in a large heap overflow in the wbs_multidata buffer copy."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-19T10:50:28",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.forescout.com/blog/new-critical-operational-technology-vulnerabilities-found-on-nichestack/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.kb.cert.org/vuls/id/608209"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-31227",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in HCC embedded InterNiche 4.0.1. A potential heap buffer overflow exists in the code that parses the HTTP POST request, due to an incorrect signed integer comparison. This vulnerability requires the attacker to send a malformed HTTP packet with a negative Content-Length, which bypasses the size checks and results in a large heap overflow in the wbs_multidata buffer copy."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.forescout.com/blog/new-critical-operational-technology-vulnerabilities-found-on-nichestack/",
"refsource": "MISC",
"url": "https://www.forescout.com/blog/new-critical-operational-technology-vulnerabilities-found-on-nichestack/"
},
{
"name": "https://www.kb.cert.org/vuls/id/608209",
"refsource": "MISC",
"url": "https://www.kb.cert.org/vuls/id/608209"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-31227",
"datePublished": "2021-08-19T10:50:28",
"dateReserved": "2021-04-15T00:00:00",
"dateUpdated": "2024-08-03T22:55:53.274Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-31401 (GCVE-0-2021-31401)
Vulnerability from nvd – Published: 2021-08-19 11:25 – Updated: 2024-08-03 22:55
VLAI?
Summary
An issue was discovered in tcp_rcv() in nptcp.c in HCC embedded InterNiche 4.0.1. The TCP header processing code doesn't sanitize the value of the IP total length field (header length + data length). With a crafted IP packet, an integer overflow occurs whenever the value of the IP data length is calculated by subtracting the length of the header from the total length of the IP packet.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T22:55:53.721Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-789208.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.forescout.com/blog/new-critical-operational-technology-vulnerabilities-found-on-nichestack/"
},
{
"name": "VU#608209",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "https://www.kb.cert.org/vuls/id/608209"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in tcp_rcv() in nptcp.c in HCC embedded InterNiche 4.0.1. The TCP header processing code doesn\u0027t sanitize the value of the IP total length field (header length + data length). With a crafted IP packet, an integer overflow occurs whenever the value of the IP data length is calculated by subtracting the length of the header from the total length of the IP packet."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-19T11:26:03",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-789208.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.forescout.com/blog/new-critical-operational-technology-vulnerabilities-found-on-nichestack/"
},
{
"name": "VU#608209",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "https://www.kb.cert.org/vuls/id/608209"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-31401",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in tcp_rcv() in nptcp.c in HCC embedded InterNiche 4.0.1. The TCP header processing code doesn\u0027t sanitize the value of the IP total length field (header length + data length). With a crafted IP packet, an integer overflow occurs whenever the value of the IP data length is calculated by subtracting the length of the header from the total length of the IP packet."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-789208.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-789208.pdf"
},
{
"name": "https://www.forescout.com/blog/new-critical-operational-technology-vulnerabilities-found-on-nichestack/",
"refsource": "MISC",
"url": "https://www.forescout.com/blog/new-critical-operational-technology-vulnerabilities-found-on-nichestack/"
},
{
"name": "VU#608209",
"refsource": "CERT-VN",
"url": "https://www.kb.cert.org/vuls/id/608209"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-31401",
"datePublished": "2021-08-19T11:25:42",
"dateReserved": "2021-04-15T00:00:00",
"dateUpdated": "2024-08-03T22:55:53.721Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-35685 (GCVE-0-2020-35685)
Vulnerability from nvd – Published: 2021-08-19 11:21 – Updated: 2024-08-04 17:09
VLAI?
Summary
An issue was discovered in HCC Nichestack 3.0. The code that generates Initial Sequence Numbers (ISNs) for TCP connections derives the ISN from an insufficiently random source. As a result, an attacker may be able to determine the ISN of current and future TCP connections and either hijack existing ones or spoof future ones. (Proper ISN generation should aim to follow at least the specifications outlined in RFC 6528.)
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T17:09:14.933Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.hcc-embedded.com"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-789208.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.forescout.com/blog/new-critical-operational-technology-vulnerabilities-found-on-nichestack/"
},
{
"name": "VU#608209",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "https://www.kb.cert.org/vuls/id/608209"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in HCC Nichestack 3.0. The code that generates Initial Sequence Numbers (ISNs) for TCP connections derives the ISN from an insufficiently random source. As a result, an attacker may be able to determine the ISN of current and future TCP connections and either hijack existing ones or spoof future ones. (Proper ISN generation should aim to follow at least the specifications outlined in RFC 6528.)"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-19T11:21:29",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.hcc-embedded.com"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-789208.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.forescout.com/blog/new-critical-operational-technology-vulnerabilities-found-on-nichestack/"
},
{
"name": "VU#608209",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "https://www.kb.cert.org/vuls/id/608209"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-35685",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in HCC Nichestack 3.0. The code that generates Initial Sequence Numbers (ISNs) for TCP connections derives the ISN from an insufficiently random source. As a result, an attacker may be able to determine the ISN of current and future TCP connections and either hijack existing ones or spoof future ones. (Proper ISN generation should aim to follow at least the specifications outlined in RFC 6528.)"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.hcc-embedded.com",
"refsource": "MISC",
"url": "https://www.hcc-embedded.com"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-789208.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-789208.pdf"
},
{
"name": "https://www.forescout.com/blog/new-critical-operational-technology-vulnerabilities-found-on-nichestack/",
"refsource": "MISC",
"url": "https://www.forescout.com/blog/new-critical-operational-technology-vulnerabilities-found-on-nichestack/"
},
{
"name": "VU#608209",
"refsource": "CERT-VN",
"url": "https://www.kb.cert.org/vuls/id/608209"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-35685",
"datePublished": "2021-08-19T11:21:08",
"dateReserved": "2020-12-24T00:00:00",
"dateUpdated": "2024-08-04T17:09:14.933Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-35684 (GCVE-0-2020-35684)
Vulnerability from nvd – Published: 2021-08-19 11:19 – Updated: 2024-08-04 17:09
VLAI?
Summary
An issue was discovered in HCC Nichestack 3.0. The code that parses TCP packets relies on an unchecked value of the IP payload size (extracted from the IP header) to compute the length of the TCP payload within the TCP checksum computation function. When the IP payload size is set to be smaller than the size of the IP header, the TCP checksum computation function may read out of bounds (a low-impact write-out-of-bounds is also possible).
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T17:09:14.969Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.hcc-embedded.com"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-789208.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.forescout.com/blog/new-critical-operational-technology-vulnerabilities-found-on-nichestack/"
},
{
"name": "VU#608209",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "https://www.kb.cert.org/vuls/id/608209"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in HCC Nichestack 3.0. The code that parses TCP packets relies on an unchecked value of the IP payload size (extracted from the IP header) to compute the length of the TCP payload within the TCP checksum computation function. When the IP payload size is set to be smaller than the size of the IP header, the TCP checksum computation function may read out of bounds (a low-impact write-out-of-bounds is also possible)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-19T11:19:27",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.hcc-embedded.com"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-789208.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.forescout.com/blog/new-critical-operational-technology-vulnerabilities-found-on-nichestack/"
},
{
"name": "VU#608209",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "https://www.kb.cert.org/vuls/id/608209"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-35684",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in HCC Nichestack 3.0. The code that parses TCP packets relies on an unchecked value of the IP payload size (extracted from the IP header) to compute the length of the TCP payload within the TCP checksum computation function. When the IP payload size is set to be smaller than the size of the IP header, the TCP checksum computation function may read out of bounds (a low-impact write-out-of-bounds is also possible)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.hcc-embedded.com",
"refsource": "MISC",
"url": "https://www.hcc-embedded.com"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-789208.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-789208.pdf"
},
{
"name": "https://www.forescout.com/blog/new-critical-operational-technology-vulnerabilities-found-on-nichestack/",
"refsource": "MISC",
"url": "https://www.forescout.com/blog/new-critical-operational-technology-vulnerabilities-found-on-nichestack/"
},
{
"name": "VU#608209",
"refsource": "CERT-VN",
"url": "https://www.kb.cert.org/vuls/id/608209"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-35684",
"datePublished": "2021-08-19T11:19:01",
"dateReserved": "2020-12-24T00:00:00",
"dateUpdated": "2024-08-04T17:09:14.969Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-35683 (GCVE-0-2020-35683)
Vulnerability from nvd – Published: 2021-08-19 11:13 – Updated: 2024-08-04 17:09
VLAI?
Summary
An issue was discovered in HCC Nichestack 3.0. The code that parses ICMP packets relies on an unchecked value of the IP payload size (extracted from the IP header) to compute the ICMP checksum. When the IP payload size is set to be smaller than the size of the IP header, the ICMP checksum computation function may read out of bounds, causing a Denial-of-Service.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T17:09:14.934Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.hcc-embedded.com"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-789208.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.forescout.com/blog/new-critical-operational-technology-vulnerabilities-found-on-nichestack/"
},
{
"name": "VU#608209",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "https://www.kb.cert.org/vuls/id/608209"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in HCC Nichestack 3.0. The code that parses ICMP packets relies on an unchecked value of the IP payload size (extracted from the IP header) to compute the ICMP checksum. When the IP payload size is set to be smaller than the size of the IP header, the ICMP checksum computation function may read out of bounds, causing a Denial-of-Service."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-19T11:13:45",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.hcc-embedded.com"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-789208.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.forescout.com/blog/new-critical-operational-technology-vulnerabilities-found-on-nichestack/"
},
{
"name": "VU#608209",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "https://www.kb.cert.org/vuls/id/608209"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-35683",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in HCC Nichestack 3.0. The code that parses ICMP packets relies on an unchecked value of the IP payload size (extracted from the IP header) to compute the ICMP checksum. When the IP payload size is set to be smaller than the size of the IP header, the ICMP checksum computation function may read out of bounds, causing a Denial-of-Service."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.hcc-embedded.com",
"refsource": "MISC",
"url": "https://www.hcc-embedded.com"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-789208.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-789208.pdf"
},
{
"name": "https://www.forescout.com/blog/new-critical-operational-technology-vulnerabilities-found-on-nichestack/",
"refsource": "MISC",
"url": "https://www.forescout.com/blog/new-critical-operational-technology-vulnerabilities-found-on-nichestack/"
},
{
"name": "VU#608209",
"refsource": "CERT-VN",
"url": "https://www.kb.cert.org/vuls/id/608209"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-35683",
"datePublished": "2021-08-19T11:13:13",
"dateReserved": "2020-12-24T00:00:00",
"dateUpdated": "2024-08-04T17:09:14.934Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-36762 (GCVE-0-2021-36762)
Vulnerability from nvd – Published: 2021-08-19 11:09 – Updated: 2024-08-04 01:01
VLAI?
Summary
An issue was discovered in HCC Embedded InterNiche NicheStack through 4.3. The tfshnd():tftpsrv.c TFTP packet processing function doesn't ensure that a filename is adequately '\0' terminated; therefore, a subsequent call to strlen for the filename might read out of bounds of the protocol packet buffer (if no '\0' byte exists within a reasonable range).
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:01:59.411Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.hcc-embedded.com/about/about-interniche"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.forescout.com/blog/new-critical-operational-technology-vulnerabilities-found-on-nichestack/"
},
{
"name": "VU#608209",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "https://www.kb.cert.org/vuls/id/608209"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in HCC Embedded InterNiche NicheStack through 4.3. The tfshnd():tftpsrv.c TFTP packet processing function doesn\u0027t ensure that a filename is adequately \u0027\\0\u0027 terminated; therefore, a subsequent call to strlen for the filename might read out of bounds of the protocol packet buffer (if no \u0027\\0\u0027 byte exists within a reasonable range)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-19T11:10:24",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.hcc-embedded.com/about/about-interniche"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.forescout.com/blog/new-critical-operational-technology-vulnerabilities-found-on-nichestack/"
},
{
"name": "VU#608209",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "https://www.kb.cert.org/vuls/id/608209"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-36762",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in HCC Embedded InterNiche NicheStack through 4.3. The tfshnd():tftpsrv.c TFTP packet processing function doesn\u0027t ensure that a filename is adequately \u0027\\0\u0027 terminated; therefore, a subsequent call to strlen for the filename might read out of bounds of the protocol packet buffer (if no \u0027\\0\u0027 byte exists within a reasonable range)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.hcc-embedded.com/about/about-interniche",
"refsource": "MISC",
"url": "https://www.hcc-embedded.com/about/about-interniche"
},
{
"name": "https://www.forescout.com/blog/new-critical-operational-technology-vulnerabilities-found-on-nichestack/",
"refsource": "MISC",
"url": "https://www.forescout.com/blog/new-critical-operational-technology-vulnerabilities-found-on-nichestack/"
},
{
"name": "VU#608209",
"refsource": "CERT-VN",
"url": "https://www.kb.cert.org/vuls/id/608209"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-36762",
"datePublished": "2021-08-19T11:09:58",
"dateReserved": "2021-07-16T00:00:00",
"dateUpdated": "2024-08-04T01:01:59.411Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-27565 (GCVE-0-2021-27565)
Vulnerability from nvd – Published: 2021-08-19 11:04 – Updated: 2024-08-03 21:26
VLAI?
Summary
The web server in InterNiche NicheStack through 4.0.1 allows remote attackers to cause a denial of service (infinite loop and networking outage) via an unexpected valid HTTP request such as OPTIONS. This occurs because the HTTP request handler enters a miscoded wbs_loop() debugger hook.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T21:26:09.982Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.hcc-embedded.com/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.hcc-embedded.com/about/about-interniche"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.forescout.com/blog/new-critical-operational-technology-vulnerabilities-found-on-nichestack/"
},
{
"name": "VU#608209",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "https://www.kb.cert.org/vuls/id/608209"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The web server in InterNiche NicheStack through 4.0.1 allows remote attackers to cause a denial of service (infinite loop and networking outage) via an unexpected valid HTTP request such as OPTIONS. This occurs because the HTTP request handler enters a miscoded wbs_loop() debugger hook."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-19T11:04:45",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.hcc-embedded.com/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.hcc-embedded.com/about/about-interniche"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.forescout.com/blog/new-critical-operational-technology-vulnerabilities-found-on-nichestack/"
},
{
"name": "VU#608209",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "https://www.kb.cert.org/vuls/id/608209"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-27565",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The web server in InterNiche NicheStack through 4.0.1 allows remote attackers to cause a denial of service (infinite loop and networking outage) via an unexpected valid HTTP request such as OPTIONS. This occurs because the HTTP request handler enters a miscoded wbs_loop() debugger hook."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.hcc-embedded.com/",
"refsource": "MISC",
"url": "https://www.hcc-embedded.com/"
},
{
"name": "https://www.hcc-embedded.com/about/about-interniche",
"refsource": "MISC",
"url": "https://www.hcc-embedded.com/about/about-interniche"
},
{
"name": "https://www.forescout.com/blog/new-critical-operational-technology-vulnerabilities-found-on-nichestack/",
"refsource": "MISC",
"url": "https://www.forescout.com/blog/new-critical-operational-technology-vulnerabilities-found-on-nichestack/"
},
{
"name": "VU#608209",
"refsource": "CERT-VN",
"url": "https://www.kb.cert.org/vuls/id/608209"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-27565",
"datePublished": "2021-08-19T11:04:23",
"dateReserved": "2021-02-22T00:00:00",
"dateUpdated": "2024-08-03T21:26:09.982Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-31400 (GCVE-0-2021-31400)
Vulnerability from nvd – Published: 2021-08-19 10:52 – Updated: 2024-08-03 22:55
VLAI?
Summary
An issue was discovered in tcp_pulloutofband() in tcp_in.c in HCC embedded InterNiche 4.0.1. The TCP out-of-band urgent-data processing function invokes a panic function if the pointer to the end of the out-of-band data points outside of the TCP segment's data. If the panic function hadn't a trap invocation removed, it will enter an infinite loop and therefore cause DoS (continuous loop or a device reset).
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T22:55:53.790Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.forescout.com/blog/new-critical-operational-technology-vulnerabilities-found-on-nichestack/"
},
{
"name": "VU#608209",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "https://www.kb.cert.org/vuls/id/608209"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in tcp_pulloutofband() in tcp_in.c in HCC embedded InterNiche 4.0.1. The TCP out-of-band urgent-data processing function invokes a panic function if the pointer to the end of the out-of-band data points outside of the TCP segment\u0027s data. If the panic function hadn\u0027t a trap invocation removed, it will enter an infinite loop and therefore cause DoS (continuous loop or a device reset)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-19T10:53:20",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.forescout.com/blog/new-critical-operational-technology-vulnerabilities-found-on-nichestack/"
},
{
"name": "VU#608209",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "https://www.kb.cert.org/vuls/id/608209"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-31400",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in tcp_pulloutofband() in tcp_in.c in HCC embedded InterNiche 4.0.1. The TCP out-of-band urgent-data processing function invokes a panic function if the pointer to the end of the out-of-band data points outside of the TCP segment\u0027s data. If the panic function hadn\u0027t a trap invocation removed, it will enter an infinite loop and therefore cause DoS (continuous loop or a device reset)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.forescout.com/blog/new-critical-operational-technology-vulnerabilities-found-on-nichestack/",
"refsource": "MISC",
"url": "https://www.forescout.com/blog/new-critical-operational-technology-vulnerabilities-found-on-nichestack/"
},
{
"name": "VU#608209",
"refsource": "CERT-VN",
"url": "https://www.kb.cert.org/vuls/id/608209"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-31400",
"datePublished": "2021-08-19T10:52:57",
"dateReserved": "2021-04-15T00:00:00",
"dateUpdated": "2024-08-03T22:55:53.790Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-31228 (GCVE-0-2021-31228)
Vulnerability from nvd – Published: 2021-08-19 10:51 – Updated: 2024-08-03 22:55
VLAI?
Summary
An issue was discovered in HCC embedded InterNiche 4.0.1. This vulnerability allows the attacker to predict a DNS query's source port in order to send forged DNS response packets that will be accepted as valid answers to the DNS client's requests (without sniffing the specific request). Data is predictable because it is based on the time of day, and has too few bits.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T22:55:53.445Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.forescout.com/blog/new-critical-operational-technology-vulnerabilities-found-on-nichestack/"
},
{
"name": "VU#608209",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "https://www.kb.cert.org/vuls/id/608209"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in HCC embedded InterNiche 4.0.1. This vulnerability allows the attacker to predict a DNS query\u0027s source port in order to send forged DNS response packets that will be accepted as valid answers to the DNS client\u0027s requests (without sniffing the specific request). Data is predictable because it is based on the time of day, and has too few bits."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-19T10:51:42",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.forescout.com/blog/new-critical-operational-technology-vulnerabilities-found-on-nichestack/"
},
{
"name": "VU#608209",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "https://www.kb.cert.org/vuls/id/608209"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-31228",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in HCC embedded InterNiche 4.0.1. This vulnerability allows the attacker to predict a DNS query\u0027s source port in order to send forged DNS response packets that will be accepted as valid answers to the DNS client\u0027s requests (without sniffing the specific request). Data is predictable because it is based on the time of day, and has too few bits."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.forescout.com/blog/new-critical-operational-technology-vulnerabilities-found-on-nichestack/",
"refsource": "MISC",
"url": "https://www.forescout.com/blog/new-critical-operational-technology-vulnerabilities-found-on-nichestack/"
},
{
"name": "VU#608209",
"refsource": "CERT-VN",
"url": "https://www.kb.cert.org/vuls/id/608209"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-31228",
"datePublished": "2021-08-19T10:51:21",
"dateReserved": "2021-04-15T00:00:00",
"dateUpdated": "2024-08-03T22:55:53.445Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-31227 (GCVE-0-2021-31227)
Vulnerability from nvd – Published: 2021-08-19 10:50 – Updated: 2024-08-03 22:55
VLAI?
Summary
An issue was discovered in HCC embedded InterNiche 4.0.1. A potential heap buffer overflow exists in the code that parses the HTTP POST request, due to an incorrect signed integer comparison. This vulnerability requires the attacker to send a malformed HTTP packet with a negative Content-Length, which bypasses the size checks and results in a large heap overflow in the wbs_multidata buffer copy.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T22:55:53.274Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.forescout.com/blog/new-critical-operational-technology-vulnerabilities-found-on-nichestack/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.kb.cert.org/vuls/id/608209"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in HCC embedded InterNiche 4.0.1. A potential heap buffer overflow exists in the code that parses the HTTP POST request, due to an incorrect signed integer comparison. This vulnerability requires the attacker to send a malformed HTTP packet with a negative Content-Length, which bypasses the size checks and results in a large heap overflow in the wbs_multidata buffer copy."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-19T10:50:28",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.forescout.com/blog/new-critical-operational-technology-vulnerabilities-found-on-nichestack/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.kb.cert.org/vuls/id/608209"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-31227",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in HCC embedded InterNiche 4.0.1. A potential heap buffer overflow exists in the code that parses the HTTP POST request, due to an incorrect signed integer comparison. This vulnerability requires the attacker to send a malformed HTTP packet with a negative Content-Length, which bypasses the size checks and results in a large heap overflow in the wbs_multidata buffer copy."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.forescout.com/blog/new-critical-operational-technology-vulnerabilities-found-on-nichestack/",
"refsource": "MISC",
"url": "https://www.forescout.com/blog/new-critical-operational-technology-vulnerabilities-found-on-nichestack/"
},
{
"name": "https://www.kb.cert.org/vuls/id/608209",
"refsource": "MISC",
"url": "https://www.kb.cert.org/vuls/id/608209"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-31227",
"datePublished": "2021-08-19T10:50:28",
"dateReserved": "2021-04-15T00:00:00",
"dateUpdated": "2024-08-03T22:55:53.274Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}