#VU58086 Improper Null Termination in Siemens Server applications
Vulnerability identifier: #VU58086
Vulnerability risk: High
CVSSv3.1: 8.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID:
CWE-ID:
CWE-170
Exploitation vector: Network
Exploit availability: No
Vulnerable software:
Nucleus NET
Server applications /
Other server solutions
Nucleus Source Code
Server applications /
Other server solutions
Capital VSTAR
Server applications /
Other server solutions
Nucleus ReadyStart
Server applications /
Other server solutions
Vendor: Siemens
Description
The vulnerability allows a remote attacker to execute arbitrary code on the system.
The vulnerability exists due to improper null termination when the FTP server does not properly validate the length of the “USER” command. A remote attacker can execute arbitrary code on the target system.
Mitigation
Install updates from vendor's website.
Vulnerable software versions
Nucleus NET: All versions
Nucleus Source Code: All versions
Capital VSTAR: All versions
External links
http://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
