CVE-2021-31887
Summary
| CVE | CVE-2021-31887 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2021-11-09 12:15:00 UTC |
| Updated | 2023-03-13 15:28:00 UTC |
| Description | A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC) (P2 Ethernet) (All versions), APOGEE MEC (PPC) (BACnet) (All versions), APOGEE MEC (PPC) (P2 Ethernet) (All versions), APOGEE PXC Compact (BACnet) (All versions < V3.5.4), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.19), APOGEE PXC Modular (BACnet) (All versions < V3.5.4), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.19), Desigo PXC00-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC00-U (All versions >= V2.3 and < V6.30.016), Desigo PXC001-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC100-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC12-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC128-U (All versions >= V2.3 and < V6.30.016), Desigo PXC200-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC22-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC22.1-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC36.1-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC50-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC64-U (All versions >= V2.3 and < V6.30.016), Desigo PXM20-E (All versions >= V2.3 and < V6.30.016), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.4), Nucleus Source Code (All versions), TALON TC Compact (BACnet) (All versions < V3.5.4), TALON TC Modular (BACnet) (All versions < V3.5.4). FTP server does not properly validate the length of the “PWD/XPWD” command, leading to stack-based buffer overflows. This may result in Denial-of-Service conditions and Remote Code Execution. (FSMD-2021-0016) |
Risk And Classification
Problem Types: CWE-170
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Hardware | Siemens | Apogee Modular Building Controller | - | All | All | All |
| Operating System | Siemens | Apogee Modular Building Controller Firmware | All | All | All | All |
| Hardware | Siemens | Apogee Modular Equiment Controller | - | All | All | All |
| Operating System | Siemens | Apogee Modular Equiment Controller Firmware | All | All | All | All |
| Hardware | Siemens | Apogee Pxc Compact | - | All | All | All |
| Operating System | Siemens | Apogee Pxc Compact Firmware | All | All | All | All |
| Operating System | Siemens | Apogee Pxc Compact Firmware | All | All | All | All |
| Operating System | Siemens | Apogee Pxc Compact Firmware | All | All | All | All |
| Hardware | Siemens | Apogee Pxc Modular | - | All | All | All |
| Operating System | Siemens | Apogee Pxc Modular Firmware | All | All | All | All |
| Operating System | Siemens | Apogee Pxc Modular Firmware | All | All | All | All |
| Operating System | Siemens | Apogee Pxc Modular Firmware | All | All | All | All |
| Application | Siemens | Capital Vstar | All | All | All | All |
| Hardware | Siemens | Desigo Pxc00-e.d | - | All | All | All |
| Operating System | Siemens | Desigo Pxc00-e.d Firmware | All | All | All | All |
| Hardware | Siemens | Desigo Pxc00-u | - | All | All | All |
| Operating System | Siemens | Desigo Pxc00-u Firmware | All | All | All | All |
| Hardware | Siemens | Desigo Pxc001-e.d | - | All | All | All |
| Operating System | Siemens | Desigo Pxc001-e.d Firmware | All | All | All | All |
| Hardware | Siemens | Desigo Pxc100-e.d | - | All | All | All |
| Operating System | Siemens | Desigo Pxc100-e.d Firmware | All | All | All | All |
| Hardware | Siemens | Desigo Pxc12-e.d | - | All | All | All |
| Operating System | Siemens | Desigo Pxc12-e.d Firmware | All | All | All | All |
| Hardware | Siemens | Desigo Pxc128-u | - | All | All | All |
| Operating System | Siemens | Desigo Pxc128-u Firmware | All | All | All | All |
| Hardware | Siemens | Desigo Pxc200-e.d | - | All | All | All |
| Operating System | Siemens | Desigo Pxc200-e.d Firmware | All | All | All | All |
| Hardware | Siemens | Desigo Pxc22-e.d | - | All | All | All |
| Operating System | Siemens | Desigo Pxc22-e.d Firmware | All | All | All | All |
| Hardware | Siemens | Desigo Pxc22.1-e.d | - | All | All | All |
| Operating System | Siemens | Desigo Pxc22.1-e.d Firmware | All | All | All | All |
| Hardware | Siemens | Desigo Pxc36.1-e.d | - | All | All | All |
| Operating System | Siemens | Desigo Pxc36.1-e.d Firmware | All | All | All | All |
| Hardware | Siemens | Desigo Pxc50-e.d | - | All | All | All |
| Operating System | Siemens | Desigo Pxc50-e.d Firmware | All | All | All | All |
| Hardware | Siemens | Desigo Pxc64-u | - | All | All | All |
| Operating System | Siemens | Desigo Pxc64-u Firmware | All | All | All | All |
| Hardware | Siemens | Desigo Pxm20-e | - | All | All | All |
| Operating System | Siemens | Desigo Pxm20-e Firmware | All | All | All | All |
| Application | Siemens | Nucleus Net | All | All | All | All |
| Application | Siemens | Nucleus Readystart V3 | All | All | All | All |
| Application | Siemens | Nucleus Readystart V4 | All | All | All | All |
| Application | Siemens | Nucleus Source Code | All | All | All | All |
| Hardware | Siemens | Talon Tc Compact | - | All | All | All |
| Operating System | Siemens | Talon Tc Compact Firmware | All | All | All | All |
| Hardware | Siemens | Talon Tc Modular | - | All | All | All |
| Operating System | Siemens | Talon Tc Modular Firmware | All | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf | MISC | cert-portal.siemens.com | |
| cert-portal.siemens.com/productcert/pdf/ssa-114589.pdf | MISC | cert-portal.siemens.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 590688 Siemens Nucleus RTOS-based APOGEE and TALON Products (Update A) Multiple Vulnerabilities (ICSA-21-315-07)
- 590744 Siemens Nucleus RTOS TCP/IP Stack Multiple Vulnerabilities (ICSA-21-313-03)
- 590745 Siemens Nucleus RTOS TCP/IP Stack Multiple Vulnerabilities (SSA-044112)
- 590746 Siemens Nucleus RTOS Transmission Control Protocol/Internet Protocol (TCP/IP) Stack Multiple Vulnerabilities (SSA-114589)
- 590821 WAGO NUCLEUS Transmission Control Protocol (TCP) Stack Multiple Vulnerabilities (VDE-2021-050)