A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\" - 22\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions < V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions < V16 Update 4). SmartVNC has an out-of-bounds memory access vulnerability that could be triggered on the server side when sending data from the client, which could result in a Denial-of-Service condition.
References
Link | Resource |
---|---|
https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf | Patch Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
AND |
|
Configuration 5 (hide)
AND |
|
Configuration 6 (hide)
AND |
|
Configuration 7 (hide)
AND |
|
Configuration 8 (hide)
AND |
|
Configuration 9 (hide)
AND |
|
Configuration 10 (hide)
|
Configuration 11 (hide)
AND |
|
Configuration 12 (hide)
AND |
|
Configuration 13 (hide)
AND |
|
Configuration 14 (hide)
AND |
|
Configuration 15 (hide)
AND |
|
Configuration 16 (hide)
AND |
|
Configuration 17 (hide)
AND |
|
Configuration 18 (hide)
AND |
|
Configuration 19 (hide)
AND |
|
Configuration 20 (hide)
|
History
16 Dec 2021, 18:27
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\"_firmware:15.1:update2:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\"_firmware:16:*:*:*:*:*:*:* cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:-:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\"_firmware:15.1:update2:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:update5:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:update2:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\"_firmware:15.1:-:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:16:update3:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:16:update2:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:16:update3:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:update3:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:update4:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:-:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:16:update2:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:update1:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:16:update3:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:16:update3:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\"_firmware:15.1:-:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:update3:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:update4:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:-:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:update3:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\"_firmware:15.1:update5:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:16:update1:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:update4:*:*:*:*:*:* cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update1:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:-:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\"_firmware:16:update1:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:update3:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:update4:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\"_firmware:16:update2:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:update1:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:update5:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:update1:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:-:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:16:update1:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:update2:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:update4:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\"_firmware:16:update1:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\"_firmware:16:update1:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\"_firmware:15.1:update2:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\"_firmware:16:update2:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\"_firmware:15.1:update5:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:16:update1:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\"_firmware:15.1:update3:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\"_firmware:15.1:-:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\"_firmware:16:update3:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:update2:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\"_firmware:15.1:update5:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:16:update1:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:update1:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:16:update2:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\"_firmware:16:update3:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:update5:*:*:*:*:*:* cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update2:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\"_firmware:16:update2:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\"_firmware:15.1:update1:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:-:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:16:update1:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\"_firmware:16:update2:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:update2:*:*:*:*:*:* cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update3:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\"_firmware:15.1:update4:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\"_firmware:15.1:update3:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:16:update2:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\"_firmware:16:update1:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\"_firmware:15.1:update4:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\"_firmware:15.1:update4:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\"_firmware:15.1:update1:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:update5:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:update3:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:update5:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\"_firmware:15.1:update1:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\"_firmware:15.1:update1:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\"_firmware:15.1:update3:*:*:*:*:*:* cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update4:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\"_firmware:15.1:update5:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:16:update2:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\"_firmware:15.1:-:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\"_firmware:15.1:update2:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\"_firmware:15.1:update3:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\"_firmware:16:update3:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:16:update3:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\"_firmware:16:update3:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:update2:*:*:*:*:*:* cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update5:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:update1:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\"_firmware:15.1:update4:*:*:*:*:*:* |
|
References | (MISC) https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf - Patch, Vendor Advisory |
12 Oct 2021, 10:15
Type | Values Removed | Values Added |
---|---|---|
Summary | A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\" - 22\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions < V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions < V16 Update 4). SmartVNC has an out-of-bounds memory access vulnerability that could be triggered on the server side when sending data from the client, which could result in a Denial-of-Service condition. |
14 Sep 2021, 11:15
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-788 | |
Summary | A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants) (All versions < V15 SP1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants) (All versions < V15 SP1 Update 6), SIMATIC HMI Comfort Panels V16 4\" - 22\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V15 SP1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions < V15 SP1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions < V16 Update 4). SmartVNC has an out-of-bounds memory access vulnerability that could be triggered on the server side when sending data from the client, which could result in a Denial-of-Service condition. |
21 May 2021, 13:19
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : 5.0
v3 : 7.5 |
References | (MISC) https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf - Vendor Advisory | |
CWE | CWE-119 | |
CPE | cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:simatic_hmi_comfort_outdoor_panels_7\":-:*:*:*:*:*:*:* cpe:2.3:h:siemens:simatic_hmi_comfort_panels_4\":-:*:*:*:*:*:*:* cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900:-:*:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:16:-:*:*:*:*:*:* cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:*:*:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:16:-:*:*:*:*:*:* cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:16:-:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:16:-:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\"_firmware:*:*:*:*:*:*:*:* cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:16:update2:*:*:*:*:*:* cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:16:update1:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\"_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900f:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:simatic_hmi_comfort_panels_22\":-:*:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\"_firmware:16:-:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\"_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\"_firmware:16:-:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:16:-:*:*:*:*:*:* cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:16:update3:*:*:*:*:*:* cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700f:-:*:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp400f:-:*:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\"_firmware:16:-:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:16:-:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\"_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:siemens:simatic_hmi_comfort_outdoor_panels_15\":-:*:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\"_firmware:16:-:*:*:*:*:*:* |
Information
Published : 2021-05-12 14:15
Updated : 2024-02-04 21:47
NVD link : CVE-2021-25660
Mitre link : CVE-2021-25660
CVE.ORG link : CVE-2021-25660
JSON object : View
Products Affected
siemens
- simatic_hmi_ktp_mobile_panels_ktp400f
- simatic_hmi_ktp_mobile_panels_ktp700
- simatic_hmi_ktp_mobile_panels_ktp400f_firmware
- simatic_hmi_comfort_outdoor_panels_15\"
- simatic_hmi_comfort_panels_4\"
- simatic_hmi_comfort_outdoor_panels_7\"_firmware
- simatic_hmi_comfort_outdoor_panels_7\"
- simatic_hmi_ktp_mobile_panels_ktp700_firmware
- simatic_hmi_ktp_mobile_panels_ktp700f
- simatic_hmi_ktp_mobile_panels_ktp900_firmware
- simatic_hmi_ktp_mobile_panels_ktp700f_firmware
- simatic_wincc_runtime_advanced
- simatic_hmi_comfort_panels_4\"_firmware
- simatic_hmi_ktp_mobile_panels_ktp900
- simatic_hmi_ktp_mobile_panels_ktp900f_firmware
- simatic_hmi_ktp_mobile_panels_ktp900f
- simatic_hmi_comfort_outdoor_panels_15\"_firmware
- simatic_hmi_comfort_panels_22\"_firmware
- simatic_hmi_comfort_panels_22\"