Published: 20/04/2022 Updated: 03/05/2022

CVSS v2 Base Score: 7.8 | Impact Score: 6.9 | Exploitability Score: 10

CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9

VMScore: 694

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C

A denial of service vulnerability exists in MDT's firmware for the KNXnet/IP Secure router SCN-IP100.03 and KNX IP interface SCN-IP000.03 before v3.0.4, that allows a remote malicious user to turn the device unresponsive to all requests on the KNXnet/IP Secure layer, until the device is rebooted, via a SESSION_REQUEST frame with a modified total length field.

Vulnerable Product	Search on Vulmon	Subscribe to Product
mdt scn-ip000.03_firmware
mdt scn-ip100.03_firmware

PoC for DoS vulnerability CVE-2021-37740 in firmware v3.0.3 of SCN-IP100.03 and SCN-IP000.03 by MDT. The bug has been fixed in firmware v3.0.4.

Proof of Concept for CVE-2021-37740 Table of Contents Introduction The Vulnerability Executing the PoC Remediation Coordinated Vulnerability Disclosure License Change Log Introduction CVE-2021-37740 is a denial of service (DoS) vulnerability that affects firmware v303 of the KNXnet/IP Secure router SCN-IP10003 and interface SCN-IP00003 by MDT A specially crafted KNXnet/I

NVD-CWE-noinfo https://www.mdt.de/download/MDT_CL_SCN_IP_03_IP_Interface_Router.pdf https://github.com/robertguetzkow/CVE-2021-37740 https://www.mdt.de/EN_IP_Interface_Router.html https://nvd.nist.gov https://github.com/robertguetzkow/CVE-2021-37740

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2021-37740

Vulnerability Summary

Vulnerability Trend

Github Repositories

References

Vulmon Search

About

Products

Connect