Risk | High |
Patch available | YES |
Number of vulnerabilities | 13 |
CVE-ID | CVE-2021-31344 CVE-2021-31345 CVE-2021-31346 CVE-2021-31881 CVE-2021-31882 CVE-2021-31883 CVE-2021-31884 CVE-2021-31885 CVE-2021-31886 CVE-2021-31887 CVE-2021-31888 CVE-2021-31889 CVE-2021-31890 |
CWE-ID | CWE-843 CWE-20 CWE-125 CWE-119 CWE-170 CWE-190 |
Exploitation vector | Network |
Public exploit | N/A |
Vulnerable software Subscribe |
Nucleus NET Server applications / Other server solutions Nucleus Source Code Server applications / Other server solutions Capital VSTAR Server applications / Other server solutions Nucleus ReadyStart Server applications / Other server solutions |
Vendor | Siemens |
Security Bulletin
This security bulletin contains information about 13 vulnerabilities.
EUVDB-ID: #VU58078
Risk: Medium
CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-31344
CWE-ID:
CWE-843 - Type confusion
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the system.
The vulnerability exists due to a type confusion error within ICMP echo packets with fake IP options. A remote attacker can send specially crafted ICMP echo reply messages to arbitrary hosts on the network.
MitigationInstall updates from vendor's website.
Vulnerable software versionsNucleus NET: All versions
Nucleus Source Code: All versions
Capital VSTAR: All versions
Nucleus ReadyStart: before 2017.02.4
External linkshttp://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU58079
Risk: High
CVSSv3.1: 7.9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-31345
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the target system.
The vulnerability exists due to the total length of an UDP payload (set in the IP header) is unchecked. A remote attacker can pass specially crafted input to the application and perform a denial of service (DoS) attack or gain access to sensitive information on the system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsNucleus NET: All versions
Nucleus Source Code: All versions
Capital VSTAR: All versions
Nucleus ReadyStart: before 2017.02.4
External linkshttp://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU58080
Risk: High
CVSSv3.1: 7.1 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-31346
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the target system.
The vulnerability exists due to the total length of an UDP payload (set in the IP header) is unchecked. A remote attacker can pass specially crafted input to the application and perform a denial of service (DoS) attack or gain access to sensitive information on the system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsNucleus NET: All versions
Nucleus Source Code: All versions
Capital VSTAR: All versions
Nucleus ReadyStart: before 2017.02.4
External linkshttp://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU58081
Risk: Medium
CVSSv3.1: 6.2 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-31881
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition. A remote attacker on the local network can create a specially crafted file, trick the victim into opening it, trigger out-of-bounds read error and read contents of memory on the system or cause a denial of service (DoS) condition.
MitigationInstall updates from vendor's website.
Vulnerable software versionsNucleus NET: All versions
Nucleus Source Code: All versions
Capital VSTAR: All versions
Nucleus ReadyStart: before 2017.02.4
External linkshttp://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU58082
Risk: Low
CVSSv3.1: 5.7 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-31882
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary error in the DHCP client application when processing DHCP ACK packets. A remote attacker on the local network can trigger memory corruption and cause a denial of service condition on the target system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsNucleus NET: All versions
Nucleus Source Code: All versions
Capital VSTAR: All versions
Nucleus ReadyStart: before 2017.02.4
External linkshttp://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU58083
Risk: Medium
CVSSv3.1: 6.2 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-31883
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary error in the DHCP client application when processing a DHCP ACK message. A remote attacker on the local network can trigger memory corruption and cause a denial of service condition on the target system or gain access to sensitive information.
MitigationInstall updates from vendor's website.
Vulnerable software versionsNucleus NET: All versions
Nucleus Source Code: All versions
Capital VSTAR: All versions
Nucleus ReadyStart: before 2017.02.4
External linkshttp://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU58084
Risk: Medium
CVSSv3.1: 7.7 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-31884
CWE-ID:
CWE-170 - Improper Null Termination
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the system.
The vulnerability exists due to the DHCP client application assumes the data supplied with the “hostname” DHCP option NULL is terminated. A remote attacker on the local network can execute arbitrary code on the target system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsNucleus NET: All versions
Nucleus Source Code: All versions
Capital VSTAR: All versions
Nucleus ReadyStart: before 2017.02.4
External linkshttp://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU58085
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-31885
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition. A remote attacker can send specially crafted TFTP commands, trigger out-of-bounds read error and read contents of memory on the system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsNucleus NET: All versions
Nucleus Source Code: All versions
Capital VSTAR: All versions
Nucleus ReadyStart: before 2017.02.4
External linkshttp://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU58086
Risk: High
CVSSv3.1: 8.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-31886
CWE-ID:
CWE-170 - Improper Null Termination
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the system.
The vulnerability exists due to improper null termination when the FTP server does not properly validate the length of the “USER” command. A remote attacker can execute arbitrary code on the target system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsNucleus NET: All versions
Nucleus Source Code: All versions
Capital VSTAR: All versions
Nucleus ReadyStart: before 2017.02.4
External linkshttp://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU58087
Risk: Medium
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-31887
CWE-ID:
CWE-170 - Improper Null Termination
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the system.
The vulnerability exists due to improper null termination when the FTP server does not properly validate the length of the “PWD/XPWD” command. A remote authenticated attacker can execute arbitrary code on the target system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsNucleus NET: All versions
Nucleus Source Code: All versions
Capital VSTAR: All versions
Nucleus ReadyStart: before 2017.02.4
External linkshttp://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU58088
Risk: Medium
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-31888
CWE-ID:
CWE-170 - Improper Null Termination
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the system.
The vulnerability exists due to improper null termination when the FTP server does not properly validate the length of the “MKD/XMKD” command. A remote authenticated attacker can execute arbitrary code on the target system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsNucleus NET: All versions
Nucleus Source Code: All versions
Capital VSTAR: All versions
Nucleus ReadyStart: before 2017.02.4
External linkshttp://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU58089
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-31889
CWE-ID:
CWE-190 - Integer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to integer overflow. A remote attacker can send a specially crafted TCP packet, trigger integer overflow and cause a denial of service condition on the target system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsNucleus NET: All versions
Nucleus Source Code: All versions
Capital VSTAR: All versions
Nucleus ReadyStart: before 2017.02.4
External linkshttp://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU58090
Risk: High
CVSSv3.1: 7.1 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-31890
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to the total length of a TCP payload (set in the IP header) is unchecked. A remote attacker can cause a denial of service condition on the target system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsNucleus NET: All versions
Nucleus Source Code: All versions
Capital VSTAR: All versions
Nucleus ReadyStart: before 2017.02.4
External linkshttp://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.