cvelistv5 - cve-2021-40142

URL	Tags
cve@mitre.org	https://cert-portal.siemens.com/productcert/pdf/ssa-321292.pdf	Patch, Third Party Advisory
cve@mitre.org	https://files.opcfoundation.org/SecurityBulletins/OPC%20Foundation%20Security%20Bulletin%20CVE-2021-40142.pdf	Patch, Vendor Advisory
cve@mitre.org	https://opcfoundation.org/security-bulletins/	Vendor Advisory

▼	Vendor	Product
	n/a	n/a

var-202108-2032

Vulnerability from variot

In OPC Foundation Local Discovery Server (LDS) before 1.04.402.463, remote attackers can cause a denial of service (DoS) by sending carefully crafted messages that lead to Access of a Memory Location After the End of a Buffer. The Local Discovery Server provides the necessary infrastructure to publicly expose the OPC UA servers available on a given computer

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-202108-2032",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "simatic process historian opc ua server",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2022"
      },
      {
        "model": "local discover server",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "opcfoundation",
        "version": "1.04.402.463"
      },
      {
        "model": "simatic wincc unified scada runtime",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic net pc",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "14"
      },
      {
        "model": "simatic net pc",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "16"
      },
      {
        "model": "simatic net pc",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15"
      },
      {
        "model": "simatic net pc",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "17"
      },
      {
        "model": "simatic wincc runtime",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "telecontrol server basic",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "3.0"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic process historian opc ua server",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2022"
      },
      {
        "model": "local discovery server",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "opc",
        "version": null
      },
      {
        "model": "local discovery server",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "opc",
        "version": "1.04.402.463"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-010007"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-40142"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:opcfoundation:local_discover_server:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "1.04.402.463",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:siemens:simatic_process_historian_opc_ua_server_firmware:2022:-:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:siemens:simatic_process_historian_opc_ua_server_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "2022",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:siemens:simatic_process_historian_opc_ua_server:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:siemens:simatic_wincc_runtime:-:*:*:*:professional:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:siemens:simatic_wincc:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:siemens:simatic_net_pc:16:-:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:siemens:simatic_net_pc:15:-:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:siemens:simatic_net_pc:14:-:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:siemens:telecontrol_server_basic:3.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:siemens:simatic_net_pc:17:-:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:siemens:simatic_wincc_unified_scada_runtime:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2021-40142"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Siemens reported this vulnerability to CISA.",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202108-2640"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2021-40142",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "MEDIUM",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Network",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "Partial",
            "baseScore": 5.0,
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "CVE-2021-40142",
            "impactScore": null,
            "integrityImpact": "None",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "Medium",
            "trust": 0.9,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "VHN-397219",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "NVD",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 3.9,
            "impactScore": 3.6,
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 2.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Network",
            "author": "OTHER",
            "availabilityImpact": "High",
            "baseScore": 7.5,
            "baseSeverity": "High",
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "JVNDB-2021-010007",
            "impactScore": null,
            "integrityImpact": "None",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2021-40142",
            "trust": 1.8,
            "value": "HIGH"
          },
          {
            "author": "cve@mitre.org",
            "id": "CVE-2021-40142",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-202108-2640",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-397219",
            "trust": 0.1,
            "value": "MEDIUM"
          },
          {
            "author": "VULMON",
            "id": "CVE-2021-40142",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-397219"
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-40142"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-010007"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-40142"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-40142"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202108-2640"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "In OPC Foundation Local Discovery Server (LDS) before 1.04.402.463, remote attackers can cause a denial of service (DoS) by sending carefully crafted messages that lead to Access of a Memory Location After the End of a Buffer. The Local Discovery Server provides the necessary infrastructure to publicly expose the OPC UA servers available on a given computer",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2021-40142"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-010007"
      },
      {
        "db": "VULHUB",
        "id": "VHN-397219"
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-40142"
      }
    ],
    "trust": 1.8
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2021-40142",
        "trust": 3.4
      },
      {
        "db": "SIEMENS",
        "id": "SSA-321292",
        "trust": 1.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-010007",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202108-2640",
        "trust": 0.7
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-22-132-12",
        "trust": 0.7
      },
      {
        "db": "CS-HELP",
        "id": "SB2022051720",
        "trust": 0.6
      },
      {
        "db": "VULHUB",
        "id": "VHN-397219",
        "trust": 0.1
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-40142",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-397219"
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-40142"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-010007"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-40142"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202108-2640"
      }
    ]
  },
  "id": "VAR-202108-2032",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-397219"
      }
    ],
    "trust": 0.613684795
  },
  "last_update_date": "2023-12-18T13:12:25.198000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Security\u00a0Update\u00a0for\u00a0Local\u00a0Discovery\u00a0Server\u00a0(LDS) OPC\u00a0Foundation\u00a0Security\u00a0Bulletin",
        "trust": 0.8,
        "url": "https://files.opcfoundation.org/securitybulletins/opc%20foundation%20security%20bulletin%20cve-2021-40142.pdf"
      },
      {
        "title": "Local Discovery Server Buffer error vulnerability fix",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=161299"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-010007"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202108-2640"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-119",
        "trust": 1.1
      },
      {
        "problemtype": "Buffer error (CWE-119) [NVD evaluation ]",
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-397219"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-010007"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-40142"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.8,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-321292.pdf"
      },
      {
        "trust": 1.8,
        "url": "https://files.opcfoundation.org/securitybulletins/opc%20foundation%20security%20bulletin%20cve-2021-40142.pdf"
      },
      {
        "trust": 1.8,
        "url": "https://opcfoundation.org/security-bulletins/"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-40142"
      },
      {
        "trust": 0.6,
        "url": "https://vigilance.fr/vulnerability/siemens-simatic-denial-of-service-via-opc-foundation-local-discovery-server-38294"
      },
      {
        "trust": 0.6,
        "url": "https://us-cert.cisa.gov/ics/advisories/icsa-22-132-12"
      },
      {
        "trust": 0.6,
        "url": "https://www.cybersecurity-help.cz/vdb/sb2022051720"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/119.html"
      },
      {
        "trust": 0.1,
        "url": "https://github.com/live-hack-cve/cve-2021-40142"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      },
      {
        "trust": 0.1,
        "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-132-12"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-397219"
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-40142"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-010007"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-40142"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202108-2640"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-397219"
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-40142"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-010007"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-40142"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202108-2640"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2021-08-27T00:00:00",
        "db": "VULHUB",
        "id": "VHN-397219"
      },
      {
        "date": "2021-08-27T00:00:00",
        "db": "VULMON",
        "id": "CVE-2021-40142"
      },
      {
        "date": "2022-06-13T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2021-010007"
      },
      {
        "date": "2021-08-27T07:15:08.630000",
        "db": "NVD",
        "id": "CVE-2021-40142"
      },
      {
        "date": "2021-08-27T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202108-2640"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2022-09-03T00:00:00",
        "db": "VULHUB",
        "id": "VHN-397219"
      },
      {
        "date": "2022-09-03T00:00:00",
        "db": "VULMON",
        "id": "CVE-2021-40142"
      },
      {
        "date": "2022-06-13T08:39:00",
        "db": "JVNDB",
        "id": "JVNDB-2021-010007"
      },
      {
        "date": "2022-09-03T03:54:54.180000",
        "db": "NVD",
        "id": "CVE-2021-40142"
      },
      {
        "date": "2022-05-18T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202108-2640"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202108-2640"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "OPC\u00a0Foundation\u00a0Local\u00a0Discovery\u00a0Server\u00a0 Buffer error vulnerability in",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-010007"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "buffer error",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202108-2640"
      }
    ],
    "trust": 0.6
  }
}

icsa-22-132-12

Vulnerability from csaf_cisa

Published

2022-05-12 00:00

Modified

2022-05-12 00:00

Summary

Siemens Industrial Products

Notes

CISA Disclaimer

This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov

Legal Notice

All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.

Risk evaluation

Successful exploitation of this vulnerability could cause a denial-of-service condition on the service or the device.

Critical infrastructure sectors

Multiple Sectors

Countries/areas deployed

Worldwide

Company headquarters location

Germany

Recommended Practices

CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures. CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov/ics. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.

Recommended Practices

Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on cisa.gov/ics in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies. Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.

Additional Resources

For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories

Exploitability

No known public exploits specifically target this vulnerability.

JSON

To clipboard

{
  "document": {
    "acknowledgments": [
      {
        "organization": "Siemens",
        "summary": "reporting this vulnerability to CISA"
      }
    ],
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Disclosure is not limited",
      "tlp": {
        "label": "WHITE",
        "url": "https://us-cert.cisa.gov/tlp/"
      }
    },
    "lang": "en-US",
    "notes": [
      {
        "category": "general",
        "text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov",
        "title": "CISA Disclaimer"
      },
      {
        "category": "legal_disclaimer",
        "text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
        "title": "Legal Notice"
      },
      {
        "category": "summary",
        "text": "Successful exploitation of this vulnerability could cause a denial-of-service condition on the service or the device.",
        "title": "Risk evaluation"
      },
      {
        "category": "other",
        "text": "Multiple Sectors",
        "title": "Critical infrastructure sectors"
      },
      {
        "category": "other",
        "text": "Worldwide",
        "title": "Countries/areas deployed"
      },
      {
        "category": "other",
        "text": "Germany",
        "title": "Company headquarters location"
      },
      {
        "category": "general",
        "text": "CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.\nCISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov/ics. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on cisa.gov/ics in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.\nOrganizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories",
        "title": "Additional Resources"
      },
      {
        "category": "other",
        "text": "No known public exploits specifically target this vulnerability.",
        "title": "Exploitability"
      }
    ],
    "publisher": {
      "category": "coordinator",
      "contact_details": "Email: CISAservicedesk@cisa.dhs.gov;\n Toll Free: 1-888-282-0870",
      "name": "CISA",
      "namespace": "https://www.cisa.gov/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SSA-321292: Denial of Service in the OPC Foundation Local Discovery Server (LDS) in Industrial Products - CSAF Version",
        "url": "https://cert-portal.siemens.com/productcert/csaf/ssa-321292.json"
      },
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-22-132-12 JSON",
        "url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2022/icsa-22-132-12.json"
      },
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-22-132-12 Web Version",
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-22-132-12"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/uscert/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B"
      },
      {
        "category": "external",
        "summary": "SSA-321292: Denial of Service in the OPC Foundation Local Discovery Server (LDS) in Industrial Products - HTML Version",
        "url": "https://cert-portal.siemens.com/productcert/html/ssa-321292.html"
      },
      {
        "category": "external",
        "summary": "SSA-321292: Denial of Service in the OPC Foundation Local Discovery Server (LDS) in Industrial Products - PDF Version",
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-321292.pdf"
      },
      {
        "category": "external",
        "summary": "SSA-321292: Denial of Service in the OPC Foundation Local Discovery Server (LDS) in Industrial Products - TXT Version",
        "url": "https://cert-portal.siemens.com/productcert/txt/ssa-321292.txt"
      }
    ],
    "title": "Siemens Industrial Products",
    "tracking": {
      "current_release_date": "2022-05-12T00:00:00.000000Z",
      "generator": {
        "engine": {
          "name": "CISA CSAF Generator",
          "version": "1.0.0"
        }
      },
      "id": "ICSA-22-132-12",
      "initial_release_date": "2022-05-12T00:00:00.000000Z",
      "revision_history": [
        {
          "date": "2022-05-12T00:00:00.000000Z",
          "legacy_version": "Initial",
          "number": "1",
          "summary": "ICSA-22-132-12 Siemens Industrial Products"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/*",
                "product": {
                  "name": "OpenPCS 7",
                  "product_id": "CSAFPID-0001"
                }
              }
            ],
            "category": "product_name",
            "name": "OpenPCS 7"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "All versions \u003c V14 SP1 Update 14",
                "product": {
                  "name": "SIMATIC NET PC Software V14",
                  "product_id": "CSAFPID-0002"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC NET PC Software V14"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/*",
                "product": {
                  "name": "SIMATIC NET PC Software V15",
                  "product_id": "CSAFPID-0003"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC NET PC Software V15"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "All versions \u003c V16 Update 6",
                "product": {
                  "name": "SIMATIC NET PC Software V16",
                  "product_id": "CSAFPID-0004"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC NET PC Software V16"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "All versions \u003c V17 SP1",
                "product": {
                  "name": "SIMATIC NET PC Software V17",
                  "product_id": "CSAFPID-0005"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC NET PC Software V17"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/\u003cV2020 SP1",
                "product": {
                  "name": "SIMATIC Process Historian OPC UA Server",
                  "product_id": "CSAFPID-0006"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC Process Historian OPC UA Server"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/\u003cV8.0",
                "product": {
                  "name": "SIMATIC WinCC",
                  "product_id": "CSAFPID-0007"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC WinCC"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/\u003cV18",
                "product": {
                  "name": "SIMATIC WinCC Runtime Professional",
                  "product_id": "CSAFPID-0008"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC WinCC Runtime Professional"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/\u003cV18 SR 1",
                "product": {
                  "name": "SIMATIC WinCC Unified PC Runtime",
                  "product_id": "CSAFPID-0009"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC WinCC Unified PC Runtime"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/\u003cV3.1.1",
                "product": {
                  "name": "TeleControl Server Basic V3",
                  "product_id": "CSAFPID-00010"
                }
              }
            ],
            "category": "product_name",
            "name": "TeleControl Server Basic V3"
          }
        ],
        "category": "vendor",
        "name": "Siemens"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2021-40142",
      "cwe": {
        "id": "CWE-119",
        "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In OPC Foundation Local Discovery Server (LDS) before 1.04.402.463, remote attackers can cause a denial of service condition by sending carefully crafted messages that lead to access of a memory location after the end of a buffer.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005",
          "CSAFPID-0006",
          "CSAFPID-0007",
          "CSAFPID-0008",
          "CSAFPID-0009",
          "CSAFPID-00010"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-40142"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C"
        }
      ],
      "remediations": [
        {
          "category": "mitigation",
          "details": "Deactivate the OPC LDS Service if supported by the product use case. The LDS service is not activated in the default configuration",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-00010"
          ]
        },
        {
          "category": "mitigation",
          "details": "Use VPN for protecting network communication between cells",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-00010"
          ]
        },
        {
          "category": "no_fix_planned",
          "details": "Currently no fix is planned",
          "product_ids": [
            "CSAFPID-0003"
          ]
        },
        {
          "category": "none_available",
          "details": "Currently no fix is available",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V18 SR 1 or later version",
          "product_ids": [
            "CSAFPID-0009"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109807123/"
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.1.1 or later version",
          "product_ids": [
            "CSAFPID-00010"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109812231/"
        },
        {
          "category": "vendor_fix",
          "details": "Update to V14 SP1 Update 14 or later version",
          "product_ids": [
            "CSAFPID-0002"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109807351/"
        },
        {
          "category": "vendor_fix",
          "details": "Update to V16 Update 6 or later version",
          "product_ids": [
            "CSAFPID-0004"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109811815/"
        },
        {
          "category": "vendor_fix",
          "details": "Update to V17 SP1 or later version",
          "product_ids": [
            "CSAFPID-0005"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808270/"
        },
        {
          "category": "vendor_fix",
          "details": "Update to V2020 SP1 or later version",
          "product_ids": [
            "CSAFPID-0006"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "For PCS neo: Update to PCS neo V3.1 SP1\n(\nhttps://support.industry.siemens.com/cs/ww/de/view/109807752/)",
          "product_ids": [
            "CSAFPID-0006"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "For PCS 7: Update to PCS 7 V9.1 SP1 (\nhttps://support.industry.siemens.com/cs/ww/en/view/109805073/)",
          "product_ids": [
            "CSAFPID-0006"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "For WinCC: contact local support",
          "product_ids": [
            "CSAFPID-0006"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V8.0 or later version",
          "product_ids": [
            "CSAFPID-0007"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109816599/"
        },
        {
          "category": "vendor_fix",
          "details": "Update to V18 or later version",
          "product_ids": [
            "CSAFPID-0008"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109813587/"
        },
        {
          "category": "mitigation",
          "details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-00010"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-00010"
          ]
        }
      ],
      "title": "CVE-2021-40142"
    }
  ]
}

gsd-2021-40142

Vulnerability from gsd

Modified

2023-12-13 01:23

Details

In OPC Foundation Local Discovery Server (LDS) before 1.04.402.463, remote attackers can cause a denial of service (DoS) by sending carefully crafted messages that lead to Access of a Memory Location After the End of a Buffer.

Aliases

CVE-2021-40142

Aliases

CVE-2021-40142

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2021-40142",
    "description": "In OPC Foundation Local Discovery Server (LDS) before 1.04.402.463, remote attackers can cause a denial of service (DoS) by sending carefully crafted messages that lead to Access of a Memory Location After the End of a Buffer.",
    "id": "GSD-2021-40142"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2021-40142"
      ],
      "details": "In OPC Foundation Local Discovery Server (LDS) before 1.04.402.463, remote attackers can cause a denial of service (DoS) by sending carefully crafted messages that lead to Access of a Memory Location After the End of a Buffer.",
      "id": "GSD-2021-40142",
      "modified": "2023-12-13T01:23:25.604508Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2021-40142",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "In OPC Foundation Local Discovery Server (LDS) before 1.04.402.463, remote attackers can cause a denial of service (DoS) by sending carefully crafted messages that lead to Access of a Memory Location After the End of a Buffer."
          }
        ]
      },
      "impact": {
        "cvss": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AC:L/AV:N/A:H/C:N/I:N/PR:N/S:U/UI:N",
          "version": "3.1"
        }
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://opcfoundation.org/security-bulletins/",
            "refsource": "MISC",
            "url": "https://opcfoundation.org/security-bulletins/"
          },
          {
            "name": "https://files.opcfoundation.org/SecurityBulletins/OPC%20Foundation%20Security%20Bulletin%20CVE-2021-40142.pdf",
            "refsource": "MISC",
            "url": "https://files.opcfoundation.org/SecurityBulletins/OPC%20Foundation%20Security%20Bulletin%20CVE-2021-40142.pdf"
          },
          {
            "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-321292.pdf",
            "refsource": "CONFIRM",
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-321292.pdf"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:opcfoundation:local_discover_server:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "1.04.402.463",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:siemens:simatic_process_historian_opc_ua_server_firmware:2022:-:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:siemens:simatic_process_historian_opc_ua_server_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "2022",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:siemens:simatic_process_historian_opc_ua_server:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:siemens:simatic_wincc_runtime:-:*:*:*:professional:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:siemens:simatic_wincc:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:siemens:simatic_net_pc:16:-:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:siemens:simatic_net_pc:15:-:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:siemens:simatic_net_pc:14:-:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:siemens:telecontrol_server_basic:3.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:siemens:simatic_net_pc:17:-:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:siemens:simatic_wincc_unified_scada_runtime:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2021-40142"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "In OPC Foundation Local Discovery Server (LDS) before 1.04.402.463, remote attackers can cause a denial of service (DoS) by sending carefully crafted messages that lead to Access of a Memory Location After the End of a Buffer."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-119"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://files.opcfoundation.org/SecurityBulletins/OPC%20Foundation%20Security%20Bulletin%20CVE-2021-40142.pdf",
              "refsource": "MISC",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "https://files.opcfoundation.org/SecurityBulletins/OPC%20Foundation%20Security%20Bulletin%20CVE-2021-40142.pdf"
            },
            {
              "name": "https://opcfoundation.org/security-bulletins/",
              "refsource": "MISC",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://opcfoundation.org/security-bulletins/"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-321292.pdf",
              "refsource": "CONFIRM",
              "tags": [
                "Patch",
                "Third Party Advisory"
              ],
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-321292.pdf"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 3.6
        }
      },
      "lastModifiedDate": "2022-09-03T03:54Z",
      "publishedDate": "2021-08-27T07:15Z"
    }
  }
}

ghsa-5524-cf37-2p8f

Vulnerability from github

Published

2022-05-24 19:12

Modified

2022-05-24 19:12

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

In OPC Foundation Local Discovery Server (LDS) before 1.04.402.463, remote attackers can cause a denial of service (DoS) by sending carefully crafted messages that lead to Access of a Memory Location After the End of a Buffer.

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2021-40142"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-119"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-08-27T07:15:00Z",
    "severity": "HIGH"
  },
  "details": "In OPC Foundation Local Discovery Server (LDS) before 1.04.402.463, remote attackers can cause a denial of service (DoS) by sending carefully crafted messages that lead to Access of a Memory Location After the End of a Buffer.",
  "id": "GHSA-5524-cf37-2p8f",
  "modified": "2022-05-24T19:12:24Z",
  "published": "2022-05-24T19:12:24Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-40142"
    },
    {
      "type": "WEB",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-321292.pdf"
    },
    {
      "type": "WEB",
      "url": "https://files.opcfoundation.org/SecurityBulletins/OPC%20Foundation%20Security%20Bulletin%20CVE-2021-40142.pdf"
    },
    {
      "type": "WEB",
      "url": "https://opcfoundation.org/security-bulletins"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

Action not permitted

cve-2021-40142

Vulnerability from cvelistv5

var-202108-2032

Vulnerability from variot

icsa-22-132-12

Vulnerability from csaf_cisa

gsd-2021-40142

Vulnerability from gsd

ghsa-5524-cf37-2p8f

Vulnerability from github

Tags