CVE-2021-31401

Опубликовано: 19 авг. 2021

Источник: nvd

CVSS3: 7.5

CVSS2: 5

EPSS Низкий

Описание

An issue was discovered in tcp_rcv() in nptcp.c in HCC embedded InterNiche 4.0.1. The TCP header processing code doesn't sanitize the value of the IP total length field (header length + data length). With a crafted IP packet, an integer overflow occurs whenever the value of the IP data length is calculated by subtracting the length of the header from the total length of the IP packet.

Ссылки

https://cert-portal.siemens.com/productcert/pdf/ssa-789208.pdf
Mitigation
Third Party Advisory
https://www.forescout.com/blog/new-critical-operational-technology-vulnerabilities-found-on-nichestack/
Mitigation
Third Party Advisory
https://www.kb.cert.org/vuls/id/608209
Third Party Advisory
US Government Resource
https://cert-portal.siemens.com/productcert/pdf/ssa-789208.pdf
Mitigation
Third Party Advisory
https://www.forescout.com/blog/new-critical-operational-technology-vulnerabilities-found-on-nichestack/
Mitigation
Third Party Advisory
https://www.kb.cert.org/vuls/id/608209
Third Party Advisory
US Government Resource

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:hcc-embedded:nichestack:*:*:*:*:*:*:*:*

Версия до 4.3 (исключая)

Конфигурация 2

Одновременно

cpe:2.3:o:siemens:sentron_3wl_com35_firmware:*:*:*:*:*:*:*:*

Версия до 1.2.0 (исключая)

cpe:2.3:h:siemens:sentron_3wl_com35:-:*:*:*:*:*:*:*

Конфигурация 3

Одновременно

cpe:2.3:o:siemens:sentron_3wa_com190_firmware:*:*:*:*:*:*:*:*

Версия до 2.0.0 (исключая)

cpe:2.3:h:siemens:sentron_3wa_com190:-:*:*:*:*:*:*:*

EPSS

Процентиль: 65%

0.00498

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-20

Связанные уязвимости

GHSA-jggm-qmcw-j5f5

github

больше 3 лет назад

BDU:2021-04496