exploitDog

CVE-2021-25673

Опубликовано: 15 мар. 2021

Источник: nvd

CVSS3: 5.5

CVSS2: 4.9

EPSS Низкий

Описание

A vulnerability has been identified in SIMATIC S7-PLCSIM V5.4 (All versions). An attacker with local access to the system could cause a Denial-of-Service condition in the application when it is used to open a specially crafted file. As a consequence, the application could enter an infinite loop, become unresponsive and must be restarted to restore the service.

Ссылки

https://cert-portal.siemens.com/productcert/pdf/ssa-256092.pdf
Vendor Advisory
https://cert-portal.siemens.com/productcert/pdf/ssa-256092.pdf
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:siemens:simatic_s7-plcsim:*:*:*:*:*:*:*:*

EPSS

Процентиль: 12%

0.0004

Низкий

5.5 Medium

CVSS3

4.9 Medium

CVSS2

Дефекты

CWE-835

Связанные уязвимости

GHSA-cxqw-29jq-pcjv

github

больше 3 лет назад

A vulnerability has been identified in SIMATIC S7-PLCSIM V5.4 (All versions). An attacker with local access to the system could cause a Denial-of-Service condition in the application when it is used to open a specially crafted file. As a consequence, the application could enter an infinite loop, become unresponsive and must be restarted to restore the service.

EPSS

Процентиль: 12%

0.0004

Низкий

5.5 Medium

CVSS3

4.9 Medium

CVSS2

Дефекты

CWE-835