A vulnerability has been identified in APOGEE PXC Compact (BACnet) (All versions < V3.5.5), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.20), APOGEE PXC Modular (BACnet) (All versions < V3.5.5), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.20), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.3), Nucleus ReadyStart V4 (All versions < V4.1.0), Nucleus Source Code (Versions including affected DNS modules), SIMOTICS CONNECT 400 (All versions < V0.5.0.0), TALON TC Compact (BACnet) (All versions < V3.5.5), TALON TC Modular (BACnet) (All versions < V3.5.5). The DNS domain name label parsing functionality does not properly validate the null-terminated name in DNS-responses. The parsing of malformed responses could result in a read past the end of an allocated structure. An attacker with a privileged position in the network could leverage this vulnerability to cause a denial-of-service condition or leak the read memory.
References
Link | Resource |
---|---|
https://cert-portal.siemens.com/productcert/pdf/ssa-180579.pdf | |
https://cert-portal.siemens.com/productcert/pdf/ssa-669158.pdf | Patch Vendor Advisory |
https://cert-portal.siemens.com/productcert/pdf/ssa-705111.pdf | Patch Vendor Advisory |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
AND |
|
History
08 Aug 2023, 10:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Summary | A vulnerability has been identified in APOGEE PXC Compact (BACnet) (All versions < V3.5.5), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.20), APOGEE PXC Modular (BACnet) (All versions < V3.5.5), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.20), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.3), Nucleus ReadyStart V4 (All versions < V4.1.0), Nucleus Source Code (Versions including affected DNS modules), SIMOTICS CONNECT 400 (All versions < V0.5.0.0), TALON TC Compact (BACnet) (All versions < V3.5.5), TALON TC Modular (BACnet) (All versions < V3.5.5). The DNS domain name label parsing functionality does not properly validate the null-terminated name in DNS-responses. The parsing of malformed responses could result in a read past the end of an allocated structure. An attacker with a privileged position in the network could leverage this vulnerability to cause a denial-of-service condition or leak the read memory. |
05 Aug 2022, 17:13
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-170 |
CWE-125 |
29 Apr 2022, 02:06
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:siemens:capital_vstar:-:*:*:*:*:*:*:* cpe:2.3:a:siemens:nucleus_4:*:*:*:*:*:*:*:* |
cpe:2.3:a:siemens:nucleus_readystart_v4:*:*:*:*:*:*:*:* cpe:2.3:a:siemens:nucleus_readystart_v3:*:*:*:*:*:*:*:* |
CWE | CWE-193 |
11 Jan 2022, 12:15
Type | Values Removed | Values Added |
---|---|---|
Summary | A vulnerability has been identified in Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.3), Nucleus ReadyStart V4 (All versions < V4.1.0), Nucleus Source Code (Versions including affected DNS modules), SIMOTICS CONNECT 400 (All versions < V0.5.0.0). The DNS domain name label parsing functionality does not properly validate the null-terminated name in DNS-responses. The parsing of malformed responses could result in a read past the end of an allocated structure. An attacker with a privileged position in the network could leverage this vulnerability to cause a denial-of-service condition or leak the read memory. |
17 Nov 2021, 22:17
Type | Values Removed | Values Added |
---|---|---|
Summary | A vulnerability has been identified in Capital VSTAR (Versions including affected DNS modules), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.3), Nucleus ReadyStart V4 (All versions < V4.1.0), Nucleus Source Code (Versions including affected DNS modules), SIMOTICS CONNECT 400 (All versions < V0.5.0.0). The DNS domain name label parsing functionality does not properly validate the null-terminated name in DNS-responses. The parsing of malformed responses could result in a read past the end of an allocated structure. An attacker with a privileged position in the network could leverage this vulnerability to cause a denial-of-service condition or leak the read memory. |
12 Nov 2021, 19:36
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:siemens:vstar:-:*:*:*:*:*:*:* |
cpe:2.3:a:siemens:capital_vstar:-:*:*:*:*:*:*:* |
Information
Published : 2021-04-22 21:15
Updated : 2024-02-04 21:47
NVD link : CVE-2020-27736
Mitre link : CVE-2020-27736
CVE.ORG link : CVE-2020-27736
JSON object : View
Products Affected
siemens
- nucleus_source_code
- simotics_connect_400_firmware
- nucleus_readystart_v3
- nucleus_readystart_v4
- nucleus_net
- simotics_connect_400