cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2021-31890,https://securityvulnerability.io/vulnerability/CVE-2021-31890,,"A vulnerability has been identified in Capital Embedded AR Classic 431-422 (All versions), Capital Embedded AR Classic R20-11 (All versions < V2303), PLUSCONTROL 1st Gen (All versions), SIMOTICS CONNECT 400 (All versions < V0.5.0.0), SIMOTICS CONNECT 400 (All versions < V1.0.0.0). The total length of an TCP payload (set in the IP header) is unchecked. This may lead to various side effects, including Information Leak and Denial-of-Service conditions, depending on the network buffer organization in memory. (FSMD-2021-0017)",Siemens,"Capital Embedded Ar Classic 431-422,Capital Embedded Ar Classic R20-11,Pluscontrol 1st Gen,Simotics Connect 400",9.1,CRITICAL,0.012029999867081642,false,,false,false,false,,false,false,2021-11-09T11:32:02.000Z,0
CVE-2021-31889,https://securityvulnerability.io/vulnerability/CVE-2021-31889,,"A vulnerability has been identified in Capital Embedded AR Classic 431-422 (All versions), Capital Embedded AR Classic R20-11 (All versions < V2303), PLUSCONTROL 1st Gen (All versions), SIMOTICS CONNECT 400 (All versions < V0.5.0.0). Malformed TCP packets with a corrupted SACK option leads to Information Leaks and Denial-of-Service conditions. (FSMD-2021-0015)",Siemens,"Capital Embedded Ar Classic 431-422,Capital Embedded Ar Classic R20-11,Pluscontrol 1st Gen,Simotics Connect 400",9.1,CRITICAL,0.012029999867081642,false,,false,false,false,,false,false,2021-11-09T11:32:01.000Z,0
CVE-2021-31346,https://securityvulnerability.io/vulnerability/CVE-2021-31346,,"A vulnerability has been identified in Capital Embedded AR Classic 431-422 (All versions), Capital Embedded AR Classic R20-11 (All versions < V2303), PLUSCONTROL 1st Gen (All versions), SIMOTICS CONNECT 400 (All versions < V0.5.0.0), SIMOTICS CONNECT 400 (All versions < V1.0.0.0). The total length of an ICMP payload (set in the IP header) is unchecked. This may lead to various side effects, including Information Leak and Denial-of-Service conditions, depending on the network buffer organization in memory. (FSMD-2021-0007)",Siemens,"Capital Embedded Ar Classic 431-422,Capital Embedded Ar Classic R20-11,Pluscontrol 1st Gen,Simotics Connect 400",9.1,CRITICAL,0.012029999867081642,false,,false,false,false,,false,false,2021-11-09T11:31:53.000Z,0
CVE-2021-31344,https://securityvulnerability.io/vulnerability/CVE-2021-31344,,"A vulnerability has been identified in Capital Embedded AR Classic 431-422 (All versions), Capital Embedded AR Classic R20-11 (All versions < V2303), PLUSCONTROL 1st Gen (All versions), SIMOTICS CONNECT 400 (All versions < V0.5.0.0), SIMOTICS CONNECT 400 (All versions < V1.0.0.0). ICMP echo packets with fake IP options allow sending ICMP echo reply messages to arbitrary hosts on the network. (FSMD-2021-0004)",Siemens,"Capital Embedded Ar Classic 431-422,Capital Embedded Ar Classic R20-11,Pluscontrol 1st Gen,Simotics Connect 400",5.3,MEDIUM,0.005319999996572733,false,,false,false,false,,false,false,2021-11-09T11:31:51.000Z,0
CVE-2021-25677,https://securityvulnerability.io/vulnerability/CVE-2021-25677,,"A vulnerability has been identified in APOGEE PXC Compact (BACnet) (All versions < V3.5.5), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.20), APOGEE PXC Modular (BACnet) (All versions < V3.5.5), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.20), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.3), Nucleus ReadyStart V3 (All versions < V2017.02.4), Nucleus ReadyStart V4 (All versions < V4.1.0), Nucleus Source Code (Versions including affected DNS modules), SIMOTICS CONNECT 400 (All versions < V0.5.0.0), SIMOTICS CONNECT 400 (All versions >= V0.5.0.0 < V1.0.0.0), TALON TC Compact (BACnet) (All versions < V3.5.5), TALON TC Modular (BACnet) (All versions < V3.5.5). The DNS client does not properly randomize DNS transaction IDs. That could allow an attacker to poison the DNS cache or spoof DNS resolving.",Siemens,"Apogee Pxc Compact (bacnet),Apogee Pxc Compact (p2 Ethernet),Apogee Pxc Modular (bacnet),Apogee Pxc Modular (p2 Ethernet),Nucleus Net,Nucleus Readystart V3,Nucleus Readystart V4,Nucleus Source Code,Simotics Connect 400,Talon Tc Compact (bacnet),Talon Tc Modular (bacnet)",5.3,MEDIUM,0.0010499999625608325,false,,false,false,false,,false,false,2021-04-22T20:42:21.000Z,0
CVE-2020-27738,https://securityvulnerability.io/vulnerability/CVE-2020-27738,,"A vulnerability has been identified in APOGEE PXC Compact (BACnet) (All versions < V3.5.5), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.20), APOGEE PXC Modular (BACnet) (All versions < V3.5.5), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.20), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.3), Nucleus ReadyStart V4 (All versions < V4.1.0), Nucleus Source Code (Versions including affected DNS modules), SIMOTICS CONNECT 400 (All versions < V0.5.0.0), TALON TC Compact (BACnet) (All versions < V3.5.5), TALON TC Modular (BACnet) (All versions < V3.5.5). The DNS domain name record decompression functionality does not properly validate the pointer offset values. The parsing of malformed responses could result in a read access past the end of an allocated structure. An attacker with a privileged position in the network could leverage this vulnerability to cause a denial-of-service condition.",Siemens,"Apogee Pxc Compact (bacnet),Apogee Pxc Compact (p2 Ethernet),Apogee Pxc Modular (bacnet),Apogee Pxc Modular (p2 Ethernet),Nucleus Net,Nucleus Readystart V3,Nucleus Readystart V4,Nucleus Source Code,Simotics Connect 400,Talon Tc Compact (bacnet),Talon Tc Modular (bacnet)",6.5,MEDIUM,0.0028800000436604023,false,,false,false,false,,false,false,2021-04-22T20:42:20.000Z,0
CVE-2020-27737,https://securityvulnerability.io/vulnerability/CVE-2020-27737,,"A vulnerability has been identified in APOGEE PXC Compact (BACnet) (All versions < V3.5.5), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.20), APOGEE PXC Modular (BACnet) (All versions < V3.5.5), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.20), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.3), Nucleus ReadyStart V4 (All versions < V4.1.0), Nucleus Source Code (Versions including affected DNS modules), SIMOTICS CONNECT 400 (All versions < V0.5.0.0), TALON TC Compact (BACnet) (All versions < V3.5.5), TALON TC Modular (BACnet) (All versions < V3.5.5). The DNS response parsing functionality does not properly validate various length and counts of the records. The parsing of malformed responses could result in a read past the end of an allocated structure. An attacker with a privileged position in the network could leverage this vulnerability to cause a denial-of-service condition  or leak the memory past the allocated structure.",Siemens,"Apogee Pxc Compact (bacnet),Apogee Pxc Compact (p2 Ethernet),Apogee Pxc Modular (bacnet),Apogee Pxc Modular (p2 Ethernet),Nucleus Net,Nucleus Readystart V3,Nucleus Readystart V4,Nucleus Source Code,Simotics Connect 400,Talon Tc Compact (bacnet),Talon Tc Modular (bacnet)",6.5,MEDIUM,0.0016700000269338489,false,,false,false,false,,false,false,2021-04-22T20:42:19.000Z,0
CVE-2020-27736,https://securityvulnerability.io/vulnerability/CVE-2020-27736,,"A vulnerability has been identified in APOGEE PXC Compact (BACnet) (All versions < V3.5.5), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.20), APOGEE PXC Modular (BACnet) (All versions < V3.5.5), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.20), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.3), Nucleus ReadyStart V4 (All versions < V4.1.0), Nucleus Source Code (Versions including affected DNS modules), SIMOTICS CONNECT 400 (All versions < V0.5.0.0), TALON TC Compact (BACnet) (All versions < V3.5.5), TALON TC Modular (BACnet) (All versions < V3.5.5). The DNS domain name label parsing functionality does not properly validate the null-terminated name in DNS-responses. The parsing of malformed responses could result in a read past the end of an allocated structure. An attacker with a privileged position in the network could leverage this vulnerability to cause a denial-of-service condition or leak the read memory.",Siemens,"Apogee Pxc Compact (bacnet),Apogee Pxc Compact (p2 Ethernet),Apogee Pxc Modular (bacnet),Apogee Pxc Modular (p2 Ethernet),Nucleus Net,Nucleus Readystart V3,Nucleus Readystart V4,Nucleus Source Code,Simotics Connect 400,Talon Tc Compact (bacnet),Talon Tc Modular (bacnet)",6.5,MEDIUM,0.0016700000269338489,false,,false,false,false,,false,false,2021-04-22T20:42:19.000Z,0
CVE-2019-13939,https://securityvulnerability.io/vulnerability/CVE-2019-13939,,"A vulnerability has been identified in APOGEE MEC/MBC/PXC (P2) (All versions < V2.8.2), APOGEE PXC Series (BACnet) (All versions < V3.5.3), APOGEE PXC Series (P2) (All versions >= V2.8.2 and < V2.8.19), Desigo PXC00-E.D (All versions >= V2.3x and < V6.00.327), Desigo PXC00-U (All versions >= V2.3x and < V6.00.327), Desigo PXC001-E.D (All versions >= V2.3x and < V6.00.327), Desigo PXC100-E.D (All versions >= V2.3x and < V6.00.327), Desigo PXC12-E.D (All versions >= V2.3x and < V6.00.327), Desigo PXC128-U (All versions >= V2.3x and < V6.00.327), Desigo PXC200-E.D (All versions >= V2.3x and < V6.00.327), Desigo PXC22-E.D (All versions >= V2.3x and < V6.00.327), Desigo PXC22.1-E.D (All versions >= V2.3x and < V6.00.327), Desigo PXC36.1-E.D (All versions >= V2.3x and < V6.00.327), Desigo PXC50-E.D (All versions >= V2.3x and < V6.00.327), Desigo PXC64-U (All versions >= V2.3x and < V6.00.327), Desigo PXM20-E (All versions >= V2.3x and < V6.00.327), Nucleus NET (All versions), Nucleus RTOS (All versions), Nucleus ReadyStart for ARM, MIPS, and PPC (All versions < V2017.02.2 with patch ""Nucleus 2017.02.02 Nucleus NET Patch""), Nucleus SafetyCert (All versions), Nucleus Source Code (All versions), SIMOTICS CONNECT 400 (All versions < V0.3.0.330), TALON TC Series (BACnet) (All versions < V3.5.3), VSTAR (All versions). By sending specially crafted DHCP packets to a device where the DHCP client is enabled, an attacker could change the IP address of the device to an invalid value. The vulnerability could affect availability and integrity of the device. Adjacent network access is required, but no authentication and no user interaction is needed to conduct an attack.",Siemens,"Apogee Mec/mbc/pxc (p2),Apogee Pxc Series (bacnet),Apogee Pxc Series (p2),Desigo Pxc00-e.d,Desigo Pxc00-u,Desigo Pxc001-e.d,Desigo Pxc100-e.d,Desigo Pxc12-e.d,Desigo Pxc128-u,Desigo Pxc200-e.d,Desigo Pxc22-e.d,Desigo Pxc22.1-e.d,Desigo Pxc36.1-e.d,Desigo Pxc50-e.d,Desigo Pxc64-u,Desigo Pxm20-e,Nucleus Net,Nucleus Rtos,Nucleus Readystart For Arm, Mips, And Ppc,Nucleus Safetycert,Nucleus Source Code,Simotics Connect 400,Talon Tc Series (bacnet),Vstar",7.1,HIGH,0.002259999979287386,false,,false,false,false,,false,false,2020-01-16T15:35:24.000Z,0