Published: 13/07/2021 Updated: 27/08/2021

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9

VMScore: 668

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

A vulnerability has been identified in RUGGEDCOM ROS M2100 (All versions < V4.3.7), RUGGEDCOM ROS M2200 (All versions < V4.3.7), RUGGEDCOM ROS M969 (All versions < V4.3.7), RUGGEDCOM ROS RMC (All versions < V4.3.7), RUGGEDCOM ROS RMC20 (All versions < V4.3.7), RUGGEDCOM ROS RMC30 (All versions < V4.3.7), RUGGEDCOM ROS RMC40 (All versions < V4.3.7), RUGGEDCOM ROS RMC41 (All versions < V4.3.7), RUGGEDCOM ROS RMC8388 V4.X (All versions < V4.3.7), RUGGEDCOM ROS RMC8388 V5.X (All versions < V5.5.4), RUGGEDCOM ROS RP110 (All versions < V4.3.7), RUGGEDCOM ROS RS400 (All versions < V4.3.7), RUGGEDCOM ROS RS401 (All versions < V4.3.7), RUGGEDCOM ROS RS416 (All versions < V4.3.7), RUGGEDCOM ROS RS416v2 V4.X (All versions < V4.3.7), RUGGEDCOM ROS RS416v2 V5.X (All versions < 5.5.4), RUGGEDCOM ROS RS8000 (All versions < V4.3.7), RUGGEDCOM ROS RS8000A (All versions < V4.3.7), RUGGEDCOM ROS RS8000H (All versions < V4.3.7), RUGGEDCOM ROS RS8000T (All versions < V4.3.7), RUGGEDCOM ROS RS900 (32M) V4.X (All versions < V4.3.7), RUGGEDCOM ROS RS900 (32M) V5.X (All versions < V5.5.4), RUGGEDCOM ROS RS900G (All versions < V4.3.7), RUGGEDCOM ROS RS900G (32M) V4.X (All versions < V4.3.7), RUGGEDCOM ROS RS900G (32M) V5.X (All versions < V5.5.4), RUGGEDCOM ROS RS900GP (All versions < V4.3.7), RUGGEDCOM ROS RS900L (All versions < V4.3.7), RUGGEDCOM ROS RS900W (All versions < V4.3.7), RUGGEDCOM ROS RS910 (All versions < V4.3.7), RUGGEDCOM ROS RS910L (All versions < V4.3.7), RUGGEDCOM ROS RS910W (All versions < V4.3.7), RUGGEDCOM ROS RS920L (All versions < V4.3.7), RUGGEDCOM ROS RS920W (All versions < V4.3.7), RUGGEDCOM ROS RS930L (All versions < V4.3.7), RUGGEDCOM ROS RS930W (All versions < V4.3.7), RUGGEDCOM ROS RS940G (All versions < V4.3.7), RUGGEDCOM ROS RS969 (All versions < V4.3.7), RUGGEDCOM ROS RSG2100 (32M) V4.X (All versions < V4.3.7), RUGGEDCOM ROS RSG2100 (32M) V5.X (All versions < V5.5.4), RUGGEDCOM ROS RSG2100 V4.X (All versions < V4.3.7), RUGGEDCOM ROS RSG2100P (All versions < V4.3.7), RUGGEDCOM ROS RSG2100P (32M) V4.X (All versions < V4.3.7), RUGGEDCOM ROS RSG2100P (32M) V5.X (All versions < V5.5.4), RUGGEDCOM ROS RSG2200 (All versions < V4.3.7), RUGGEDCOM ROS RSG2288 V4.X (All versions < V4.3.7), RUGGEDCOM ROS RSG2288 V5.X (All versions < V5.5.4), RUGGEDCOM ROS RSG2300 V4.X (All versions < V4.3.7), RUGGEDCOM ROS RSG2300 V5.X (All versions < V5.5.4), RUGGEDCOM ROS RSG2300P V4.X (All versions < V4.3.7), RUGGEDCOM ROS RSG2300P V5.X (All versions < V5.5.4), RUGGEDCOM ROS RSG2488 V4.X (All versions < V4.3.7), RUGGEDCOM ROS RSG2488 V5.X (All versions < V5.5.4), RUGGEDCOM ROS RSG900 V4.X (All versions < V4.3.7), RUGGEDCOM ROS RSG900 V5.X (All versions < V5.5.4), RUGGEDCOM ROS RSG900C (All versions < V5.5.4), RUGGEDCOM ROS RSG900G V4.X (All versions < V4.3.7), RUGGEDCOM ROS RSG900G V5.X (All versions < V5.5.4), RUGGEDCOM ROS RSG900R (All versions < V5.5.4), RUGGEDCOM ROS RSG920P V4.X (All versions < V4.3.7), RUGGEDCOM ROS RSG920P V5.X (All versions < V5.5.4), RUGGEDCOM ROS RSL910 (All versions < V5.5.4), RUGGEDCOM ROS RST2228 (All versions < V5.5.4), RUGGEDCOM ROS RST916C (All versions < V5.5.4), RUGGEDCOM ROS RST916P (All versions < V5.5.4), RUGGEDCOM ROS i800 (All versions < V4.3.7), RUGGEDCOM ROS i801 (All versions < V4.3.7), RUGGEDCOM ROS i802 (All versions < V4.3.7), RUGGEDCOM ROS i803 (All versions < V4.3.7). The DHCP client in affected devices fails to properly sanitize incoming DHCP packets. This could allow an unauthenticated remote malicious user to cause memory to be overwritten, potentially allowing remote code execution.

Vulnerable Product	Search on Vulmon	Subscribe to Product
siemens ruggedcom_ros_i800
siemens ruggedcom_ros_i801
siemens ruggedcom_ros_i802
siemens ruggedcom_ros_i803
siemens ruggedcom_ros_m969
siemens ruggedcom_ros_m2100
siemens ruggedcom_ros_m2200
siemens ruggedcom_ros_rmc
siemens ruggedcom_ros_rmc20
siemens ruggedcom_ros_rmc30
siemens ruggedcom_ros_rmc40
siemens ruggedcom_ros_rmc41
siemens ruggedcom_ros_rmc8388
siemens ruggedcom_ros_rp110
siemens ruggedcom_ros_rs400
siemens ruggedcom_ros_rs401
siemens ruggedcom_ros_rs416
siemens ruggedcom_ros_rs416v2
siemens ruggedcom_ros_rs900
siemens ruggedcom_ros_rs900g
siemens ruggedcom_ros_rs900gp
siemens ruggedcom_ros_rs900l
siemens ruggedcom_ros_rs900w
siemens ruggedcom_ros_rs910
siemens ruggedcom_ros_rs910l
siemens ruggedcom_ros_rs910w
siemens ruggedcom_ros_rs920l
siemens ruggedcom_ros_rs920w
siemens ruggedcom_ros_rs930l
siemens ruggedcom_ros_rs930w
siemens ruggedcom_ros_rs940g
siemens ruggedcom_ros_rs969
siemens ruggedcom_ros_rs8000
siemens ruggedcom_ros_rs8000a
siemens ruggedcom_ros_rs8000h
siemens ruggedcom_ros_rs8000t
siemens ruggedcom_ros_rsg900
siemens ruggedcom_ros_rsg900c
siemens ruggedcom_ros_rsg900g
siemens ruggedcom_ros_rsg900r
siemens ruggedcom_ros_rsg920p
siemens ruggedcom_ros_rsg2100
siemens ruggedcom_ros_rsg2100p
siemens ruggedcom_ros_rsg2200
siemens ruggedcom_ros_rsg2288
siemens ruggedcom_ros_rsg2300
siemens ruggedcom_ros_rsg2300p
siemens ruggedcom_ros_rsg2488
siemens ruggedcom_ros_rsl910
siemens ruggedcom_ros_rst916c
siemens ruggedcom_ros_rst916p
siemens ruggedcom_ros_rst2228

CWE-787 CWE-120 https://cert-portal.siemens.com/productcert/pdf/ssa-373591.pdf https://nvd.nist.gov

CVE-2021-31895

Vulnerability Summary

Vulnerability Trend

References

Vulmon Search

About

Products

Connect