Vulnerability-Lookup

CVE-2021-44165 (GCVE-0-2021-44165)

Vulnerability from cvelistv5 – Published: 2021-12-14 12:06 – Updated: 2024-08-04 04:17

Summary

A vulnerability has been identified in POWER METER SICAM Q100 (All versions < V2.41), POWER METER SICAM Q100 (All versions < V2.41), POWER METER SICAM Q100 (All versions < V2.41), POWER METER SICAM Q100 (All versions < V2.41). The affected firmware contains a buffer overflow vulnerability in the web application that could allow a remote attacker with engineer or admin priviliges to potentially perform remote code execution.

Severity ?

No CVSS data available.

CWE

CWE-121 - Stack-based Buffer Overflow

Assigner

siemens

References

URL

FKIE_CVE-2021-44165

Vulnerability from fkie_nvd - Published: 2021-12-14 12:15 - Updated: 2024-11-21 06:30

Severity ?

7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Summary

References

	URL	Tags
	productcert@siemens.com	https://cert-portal.siemens.com/productcert/pdf/ssa-496292.pdf	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://cert-portal.siemens.com/productcert/pdf/ssa-496292.pdf	Vendor Advisory

Impacted products

Vendor	Product	Version
siemens	7kg9501-0aa01-2aa1_firmware	*
siemens	7kg9501-0aa01-2aa1	-
siemens	7kg9501-0aa31-0aa1_firmware	*
siemens	7kg9501-0aa31-0aa1	-
siemens	7kg9501-0aa31-2aa1_firmware	*
siemens	7kg9501-0aa31-2aa1	-
siemens	7kg9501-0aa01-0aa1_firmware	*
siemens	7kg9501-0aa01-0aa1	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:7kg9501-0aa01-2aa1_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "96EDF0C8-91BF-48C2-8FDC-C3AFBC8878D0",
              "versionEndExcluding": "2.41",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:7kg9501-0aa01-2aa1:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "275E9296-AACA-4F3B-B8FA-D52A59E729DE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:7kg9501-0aa31-0aa1_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B100E1D3-4D10-4066-9067-799076DD6643",
              "versionEndExcluding": "2.41",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:7kg9501-0aa31-0aa1:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B09F87C0-1A7D-43F6-A02F-D808C880FF74",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:7kg9501-0aa31-2aa1_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "27616240-C04A-4F45-8A6D-B8044242CF5C",
              "versionEndExcluding": "2.41",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:7kg9501-0aa31-2aa1:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC260D4F-53BD-433C-AE8F-FA2FA47BC921",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:7kg9501-0aa01-0aa1_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD0414B9-4EF2-4486-A2BA-926CD0A1D23A",
              "versionEndExcluding": "2.41",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:7kg9501-0aa01-0aa1:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "632E89F3-80E7-4E2F-A3D3-0A6183F4A444",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability has been identified in POWER METER SICAM Q100 (All versions \u003c V2.41), POWER METER SICAM Q100 (All versions \u003c V2.41), POWER METER SICAM Q100 (All versions \u003c V2.41), POWER METER SICAM Q100 (All versions \u003c V2.41). The affected firmware contains a buffer overflow vulnerability in the web application that could allow a remote attacker with engineer or admin priviliges to potentially perform remote code execution."
    },
    {
      "lang": "es",
      "value": "Se ha identificado una vulnerabilidad en POWER METER SICAM Q100 (Todas las versiones anteriores a V2.41), POWER METER SICAM Q100 (Todas las versiones anteriores a V2.41), POWER METER SICAM Q100 (Todas las versiones anteriores a V2.41), POWER METER SICAM Q100 (Todas las versiones anteriores a V2.41). El firmware afectado contiene una vulnerabilidad de desbordamiento de b\u00fafer en la aplicaci\u00f3n web que podr\u00eda permitir a un atacante remoto con privilegios de ingeniero o administrador realizar potencialmente una ejecuci\u00f3n de c\u00f3digo remota"
    }
  ],
  "id": "CVE-2021-44165",
  "lastModified": "2024-11-21T06:30:28.937",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.2,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.2,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2021-12-14T12:15:10.923",
  "references": [
    {
      "source": "productcert@siemens.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-496292.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-496292.pdf"
    }
  ],
  "sourceIdentifier": "productcert@siemens.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-121"
        }
      ],
      "source": "productcert@siemens.com",
      "type": "Secondary"
    }
  ]
}

GHSA-RWP6-CPW3-HXXX

Vulnerability from github – Published: 2021-12-15 00:01 – Updated: 2021-12-17 00:00

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2021-44165"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-121"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-12-14T12:15:00Z",
    "severity": "HIGH"
  },
  "details": "A vulnerability has been identified in POWER METER SICAM Q100 (All versions \u003c V2.41), POWER METER SICAM Q100 (All versions \u003c V2.41), POWER METER SICAM Q100 (All versions \u003c V2.41), POWER METER SICAM Q100 (All versions \u003c V2.41). The affected firmware contains a buffer overflow vulnerability in the web application that could allow a remote attacker with engineer or admin priviliges to potentially perform remote code execution.",
  "id": "GHSA-rwp6-cpw3-hxxx",
  "modified": "2021-12-17T00:00:48Z",
  "published": "2021-12-15T00:01:15Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44165"
    },
    {
      "type": "WEB",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-496292.pdf"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

CVE-2021-44165

Vulnerability from fstec - Published: 14.12.2021

Title

Уязвимость микропрограммного обеспечение измерителя мощности POWER METER SICAM Q100, связанная с чтением данных за границами буфера в памяти, позволяющая нарушителю выполнить произвольный код

Description

Уязвимость микропрограммного обеспечение измерителя мощности POWER METER SICAM Q100 связана с чтением данных за границами буфера в памяти. Эксплуатация уязвимости может позволить нарушителю, действующему удалённо, выполнить произвольный код

Severity ?


                    
                      AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Vendor

Siemens AG

Software Name

POWER METER SICAM Q100

Software Version

до 2.41 (POWER METER SICAM Q100)

Possible Mitigations

Использование рекомендаций: https://cert-portal.siemens.com/productcert/pdf/ssa-496292.pdf

Reference

https://cert-portal.siemens.com/productcert/pdf/ssa-496292.pdf

CWE

CWE-121

JSON

To clipboard

{
  "CVSS 2.0": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
  "CVSS 3.0": "AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
  "CVSS 4.0": null,
  "remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
  "remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
  "\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "Siemens AG",
  "\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "\u0434\u043e 2.41 (POWER METER SICAM Q100)",
  "\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\nhttps://cert-portal.siemens.com/productcert/pdf/ssa-496292.pdf",
  "\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "14.12.2021",
  "\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "19.08.2022",
  "\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "19.08.2022",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2022-05148",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2021-44165",
  "\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
  "\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
  "\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "POWER METER SICAM Q100",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": null,
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043c\u0438\u043a\u0440\u043e\u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u0435 \u0438\u0437\u043c\u0435\u0440\u0438\u0442\u0435\u043b\u044f \u043c\u043e\u0449\u043d\u043e\u0441\u0442\u0438 POWER METER SICAM Q100, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u0447\u0442\u0435\u043d\u0438\u0435\u043c \u0434\u0430\u043d\u043d\u044b\u0445 \u0437\u0430 \u0433\u0440\u0430\u043d\u0438\u0446\u0430\u043c\u0438 \u0431\u0443\u0444\u0435\u0440\u0430 \u0432 \u043f\u0430\u043c\u044f\u0442\u0438, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434",
  "\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u0431\u0443\u0444\u0435\u0440\u0430 \u0432 \u0441\u0442\u0435\u043a\u0435 (CWE-121)",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043c\u0438\u043a\u0440\u043e\u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u0435 \u0438\u0437\u043c\u0435\u0440\u0438\u0442\u0435\u043b\u044f \u043c\u043e\u0449\u043d\u043e\u0441\u0442\u0438 POWER METER SICAM Q100 \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u0447\u0442\u0435\u043d\u0438\u0435\u043c \u0434\u0430\u043d\u043d\u044b\u0445 \u0437\u0430 \u0433\u0440\u0430\u043d\u0438\u0446\u0430\u043c\u0438 \u0431\u0443\u0444\u0435\u0440\u0430 \u0432 \u043f\u0430\u043c\u044f\u0442\u0438. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e, \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434",
  "\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
  "\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
  "\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0430\u043c\u0438 \u0434\u0430\u043d\u043d\u044b\u0445",
  "\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://cert-portal.siemens.com/productcert/pdf/ssa-496292.pdf",
  "\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
  "\u0422\u0438\u043f \u041f\u041e": "\u041f\u041e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e-\u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0433\u043e \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430 \u0410\u0421\u0423 \u0422\u041f",
  "\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-121",
  "\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 9)\n\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 7,2)"
}

GSD-2021-44165

Vulnerability from gsd - Updated: 2023-12-13 01:23

Details

Aliases

CVE-2021-44165

Aliases

CVE-2021-44165

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2021-44165",
    "description": "A vulnerability has been identified in POWER METER SICAM Q100 (All versions \u003c V2.41), POWER METER SICAM Q100 (All versions \u003c V2.41), POWER METER SICAM Q100 (All versions \u003c V2.41), POWER METER SICAM Q100 (All versions \u003c V2.41). The affected firmware contains a buffer overflow vulnerability in the web application that could allow a remote attacker with engineer or admin priviliges to potentially perform remote code execution.",
    "id": "GSD-2021-44165"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2021-44165"
      ],
      "details": "A vulnerability has been identified in POWER METER SICAM Q100 (All versions \u003c V2.41), POWER METER SICAM Q100 (All versions \u003c V2.41), POWER METER SICAM Q100 (All versions \u003c V2.41), POWER METER SICAM Q100 (All versions \u003c V2.41). The affected firmware contains a buffer overflow vulnerability in the web application that could allow a remote attacker with engineer or admin priviliges to potentially perform remote code execution.",
      "id": "GSD-2021-44165",
      "modified": "2023-12-13T01:23:20.634792Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "productcert@siemens.com",
        "ID": "CVE-2021-44165",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "POWER METER SICAM Q100",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "All versions \u003c V2.41"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "POWER METER SICAM Q100",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "All versions \u003c V2.41"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "POWER METER SICAM Q100",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "All versions \u003c V2.41"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "POWER METER SICAM Q100",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "All versions \u003c V2.41"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Siemens"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "A vulnerability has been identified in POWER METER SICAM Q100 (All versions \u003c V2.41), POWER METER SICAM Q100 (All versions \u003c V2.41), POWER METER SICAM Q100 (All versions \u003c V2.41), POWER METER SICAM Q100 (All versions \u003c V2.41). The affected firmware contains a buffer overflow vulnerability in the web application that could allow a remote attacker with engineer or admin priviliges to potentially perform remote code execution."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "CWE-121: Stack-based Buffer Overflow"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-496292.pdf",
            "refsource": "MISC",
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-496292.pdf"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:siemens:7kg9501-0aa01-2aa1_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "2.41",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:siemens:7kg9501-0aa01-2aa1:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:siemens:7kg9501-0aa31-0aa1_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "2.41",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:siemens:7kg9501-0aa31-0aa1:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:siemens:7kg9501-0aa31-2aa1_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "2.41",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:siemens:7kg9501-0aa31-2aa1:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:siemens:7kg9501-0aa01-0aa1_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "2.41",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:siemens:7kg9501-0aa01-0aa1:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "productcert@siemens.com",
          "ID": "CVE-2021-44165"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "A vulnerability has been identified in POWER METER SICAM Q100 (All versions \u003c V2.41), POWER METER SICAM Q100 (All versions \u003c V2.41), POWER METER SICAM Q100 (All versions \u003c V2.41), POWER METER SICAM Q100 (All versions \u003c V2.41). The affected firmware contains a buffer overflow vulnerability in the web application that could allow a remote attacker with engineer or admin priviliges to potentially perform remote code execution."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-121"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "N/A",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-496292.pdf"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.0,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 8.0,
          "impactScore": 10.0,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "exploitabilityScore": 1.2,
          "impactScore": 5.9
        }
      },
      "lastModifiedDate": "2021-12-16T22:00Z",
      "publishedDate": "2021-12-14T12:15Z"
    }
  }
}

CERTFR-2021-AVI-949

Vulnerability from certfr_avis - Published: 2021-12-15 - Updated: 2021-12-15

De multiples vulnérabilités ont été découvertes dans les produits Siemens. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service et un contournement de la politique de sécurité.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Siemens	N/A	Teamcenter Active Workspace versions 5.2.x antérieures à 5.2.3
Siemens	N/A	JTTK versions antérieures à 11.0.3.0
Siemens	N/A	SiPass integrated versions antérieures à 2.76
Siemens	N/A	SINUMERIK Edge versions antérieures à 3.2
Siemens	N/A	SIMATIC ITC2200 V3 PRO versions antérieures à 3.2.1.0
Siemens	N/A	SIMATIC eaSie PCS 7 Skill Package (6DL5424-0BX00-0AV8) versions antérieures à 21.00 SP3
Siemens	N/A	Siveillance Identity V5 versions antérieures à 1.6.284, ou sans le correctif de sécurité SP5
Siemens	N/A	Desigo PXC00-U toutes versions postérieures à 2.3
Siemens	N/A	SIMATIC ITC1900 V3 versions antérieures à 3.2.1.0
Siemens	N/A	JT2Go versions antérieures à 13.2.0.5
Siemens	N/A	POWER METER SICAM Q100 (7KG9501-0AA01-0AA1) versions antérieures à 2.41
Siemens	N/A	Desigo PXC22.1-E.D toutes versions postérieures à 2.3
Siemens	N/A	Desigo PXC001-E.D toutes versions postérieures à 2.3
Siemens	N/A	JTTK versions antérieures à 10.8.1.1
Siemens	N/A	POWER METER SICAM Q100 (7KG9501-0AA31-0AA1) versions antérieures à 2.41
Siemens	N/A	APOGEE MEC (PPC) (BACnet) toutes versions
Siemens	N/A	Siveillance Identity V1.6 versions antérieures à 1.6.284.0
Siemens	N/A	APOGEE PXC Compact (P2 Ethernet) toutes versions
Siemens	N/A	JTTK versions antérieures à 11.1.1.0
Siemens	N/A	JT Utilities versions antérieures à 12.8.1.1
Siemens	N/A	Desigo PXC50-E.D toutes versions postérieures à 2.3
Siemens	N/A	Desigo PXC200-E.D toutes versions postérieures à 2.3
Siemens	N/A	Desigo PXC36.1-E.D toutes versions postérieures à 2.3
Siemens	N/A	Desigo PXC00-E.D toutes versions postérieures à 2.3
Siemens	N/A	SiPass integrated versions antérieures à 2.80
Siemens	N/A	APOGEE PXC Modular (BACnet) toutes versions
Siemens	N/A	Teamcenter Visualization versions antérieures à 13.2.0.5
Siemens	N/A	Desigo PXC22-E.D toutes versions postérieures à 2.3
Siemens	N/A	Simcenter STAR-CCM+ Viewer versions antérieures à 2021.3.1
Siemens	N/A	Teamcenter Active Workspace versions 5.1.x antérieures à 5.1.6
Siemens	N/A	Capital VSTAR toutes versions avec l'option Ethernet activée
Siemens	N/A	SiPass integrated versions antérieures à 2.85
Siemens	N/A	JT Utilities versions antérieures à 13.1.1.0
Siemens	N/A	POWER METER SICAM Q100 (7KG9501-0AA31-2AA1) versions antérieures à 2.41
Siemens	N/A	Desigo PXC100-E.D toutes versions postérieures à 2.3
Siemens	N/A	ModelSim Simulation toutes versions
Siemens	N/A	APOGEE PXC Modular (P2 Ethernet) toutes versions
Siemens	N/A	SIMATIC ITC2200 V3 versions antérieures à 3.2.1.0
Siemens	N/A	Desigo PXC12-E.D toutes versions postérieures à 2.3
Siemens	N/A	Questa Simulation toutes versions
Siemens	N/A	JT Utilities versions antérieures à 13.0.3.0
Siemens	N/A	Teamcenter Active Workspace versions 5.0.x antérieures à 5.0.10
Siemens	N/A	Desigo PXC128-U toutes versions postérieures à 2.3
Siemens	N/A	APOGEE MEC (PPC) (P2 Ethernet) toutes versions
Siemens	N/A	SIMATIC ITC1900 V3 PRO versions antérieures à 3.2.1.0
Siemens	N/A	Teamcenter Active Workspace versions 4.3.x antérieures à V4.3.11
Siemens	N/A	APOGEE PXC Compact (BACnet) toutes versions
Siemens	N/A	POWER METER SICAM Q100 (7KG9501-0AA01-2AA1) versions antérieures à 2.41
Siemens	N/A	APOGEE MBC (PPC) (P2 Ethernet) toutes versions
Siemens	N/A	APOGEE MBC (PPC) (BACnet) toutes versions
Siemens	N/A	SIMATIC ITC1500 V3 PRO versions antérieures à 3.2.1.0
Siemens	N/A	SIMATIC ITC1500 V3 versions antérieures à 3.2.1.0
Siemens	N/A	Desigo PXC64-U toutes versions postérieures à 2.3

References

Title

Publication Time

Tags

Bulletin de sécurité Siemens ssa-620288 du 14 décembre 2021	None	vendor-advisory
Bulletin de sécurité Siemens ssa-133772 du 14 décembre 2021	None	vendor-advisory
Bulletin de sécurité Siemens ssa-199605 du 14 décembre 2021	None	vendor-advisory
Bulletin de sécurité Siemens ssa-595101 du 14 décembre 2021	None	vendor-advisory
Bulletin de sécurité Siemens ssa-496292 du 14 décembre 2021	None	vendor-advisory
Bulletin de sécurité Siemens ssa-400332 du 14 décembre 2021	None	vendor-advisory
Bulletin de sécurité Siemens ssa-463116 du 14 décembre 2021	None	vendor-advisory
Bulletin de sécurité Siemens ssa-523250 du 14 décembre 2021	None	vendor-advisory
Bulletin de sécurité Siemens ssa-352143 du 14 décembre 2021	None	vendor-advisory
Bulletin de sécurité Siemens ssa-390195 du 14 décembre 2021	None	vendor-advisory
Bulletin de sécurité Siemens ssa-396621 du 14 décembre 2021	None	vendor-advisory
Bulletin de sécurité Siemens ssa-802578 du 14 décembre 2021	None	vendor-advisory
Bulletin de sécurité Siemens ssa-160202 du 14 décembre 2021	None	vendor-advisory
Bulletin de sécurité Siemens ssa-161331 du 14 décembre 2021	None	vendor-advisory
Bulletin de sécurité Siemens ssa-114589 du 14 décembre 2021	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Teamcenter Active Workspace versions 5.2.x ant\u00e9rieures \u00e0 5.2.3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "JTTK versions ant\u00e9rieures \u00e0 11.0.3.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SiPass integrated versions ant\u00e9rieures \u00e0 2.76",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SINUMERIK Edge versions ant\u00e9rieures \u00e0 3.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC ITC2200 V3 PRO versions ant\u00e9rieures \u00e0 3.2.1.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC eaSie PCS 7 Skill Package (6DL5424-0BX00-0AV8) versions ant\u00e9rieures \u00e0 21.00 SP3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "Siveillance Identity V5 versions ant\u00e9rieures \u00e0 1.6.284, ou sans le correctif de s\u00e9curit\u00e9 SP5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "Desigo PXC00-U toutes versions post\u00e9rieures \u00e0 2.3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC ITC1900 V3 versions ant\u00e9rieures \u00e0 3.2.1.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "JT2Go versions ant\u00e9rieures \u00e0 13.2.0.5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "POWER METER SICAM Q100 (7KG9501-0AA01-0AA1) versions ant\u00e9rieures \u00e0 2.41",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "Desigo PXC22.1-E.D toutes versions post\u00e9rieures \u00e0 2.3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "Desigo PXC001-E.D toutes versions post\u00e9rieures \u00e0 2.3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "JTTK versions ant\u00e9rieures \u00e0 10.8.1.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "POWER METER SICAM Q100 (7KG9501-0AA31-0AA1) versions ant\u00e9rieures \u00e0 2.41",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "APOGEE MEC (PPC) (BACnet) toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "Siveillance Identity V1.6 versions ant\u00e9rieures \u00e0 1.6.284.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "APOGEE PXC Compact (P2 Ethernet) toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "JTTK versions ant\u00e9rieures \u00e0 11.1.1.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "JT Utilities versions ant\u00e9rieures \u00e0 12.8.1.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "Desigo PXC50-E.D toutes versions post\u00e9rieures \u00e0 2.3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "Desigo PXC200-E.D toutes versions post\u00e9rieures \u00e0 2.3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "Desigo PXC36.1-E.D toutes versions post\u00e9rieures \u00e0 2.3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "Desigo PXC00-E.D toutes versions post\u00e9rieures \u00e0 2.3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SiPass integrated versions ant\u00e9rieures \u00e0 2.80",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "APOGEE PXC Modular (BACnet) toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "Teamcenter Visualization versions ant\u00e9rieures \u00e0 13.2.0.5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "Desigo PXC22-E.D toutes versions post\u00e9rieures \u00e0 2.3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "Simcenter STAR-CCM+ Viewer versions ant\u00e9rieures \u00e0 2021.3.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "Teamcenter Active Workspace versions 5.1.x ant\u00e9rieures \u00e0 5.1.6",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "Capital VSTAR toutes versions avec l\u0027option Ethernet activ\u00e9e",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SiPass integrated versions ant\u00e9rieures \u00e0 2.85",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "JT Utilities versions ant\u00e9rieures \u00e0 13.1.1.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "POWER METER SICAM Q100 (7KG9501-0AA31-2AA1) versions ant\u00e9rieures \u00e0 2.41",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "Desigo PXC100-E.D toutes versions post\u00e9rieures \u00e0 2.3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "ModelSim Simulation toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "APOGEE PXC Modular (P2 Ethernet) toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC ITC2200 V3 versions ant\u00e9rieures \u00e0 3.2.1.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "Desigo PXC12-E.D toutes versions post\u00e9rieures \u00e0 2.3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "Questa Simulation toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "JT Utilities versions ant\u00e9rieures \u00e0 13.0.3.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "Teamcenter Active Workspace versions 5.0.x ant\u00e9rieures \u00e0 5.0.10",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "Desigo PXC128-U toutes versions post\u00e9rieures \u00e0 2.3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "APOGEE MEC (PPC) (P2 Ethernet) toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC ITC1900 V3 PRO versions ant\u00e9rieures \u00e0 3.2.1.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "Teamcenter Active Workspace versions 4.3.x ant\u00e9rieures \u00e0 V4.3.11",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "APOGEE PXC Compact (BACnet) toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "POWER METER SICAM Q100 (7KG9501-0AA01-2AA1) versions ant\u00e9rieures \u00e0 2.41",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "APOGEE MBC (PPC) (P2 Ethernet) toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "APOGEE MBC (PPC) (BACnet) toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC ITC1500 V3 PRO versions ant\u00e9rieures \u00e0 3.2.1.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC ITC1500 V3 versions ant\u00e9rieures \u00e0 3.2.1.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "Desigo PXC64-U toutes versions post\u00e9rieures \u00e0 2.3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2021-44443",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-44443"
    },
    {
      "name": "CVE-2021-31881",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31881"
    },
    {
      "name": "CVE-2021-44444",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-44444"
    },
    {
      "name": "CVE-2021-44009",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-44009"
    },
    {
      "name": "CVE-2021-31888",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31888"
    },
    {
      "name": "CVE-2021-44447",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-44447"
    },
    {
      "name": "CVE-2018-20749",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-20749"
    },
    {
      "name": "CVE-2021-44013",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-44013"
    },
    {
      "name": "CVE-2021-31885",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31885"
    },
    {
      "name": "CVE-2021-31887",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31887"
    },
    {
      "name": "CVE-2019-15690",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-15690"
    },
    {
      "name": "CVE-2021-44012",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-44012"
    },
    {
      "name": "CVE-2020-14396",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14396"
    },
    {
      "name": "CVE-2021-44001",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-44001"
    },
    {
      "name": "CVE-2020-14404",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14404"
    },
    {
      "name": "CVE-2021-44430",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-44430"
    },
    {
      "name": "CVE-2021-44440",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-44440"
    },
    {
      "name": "CVE-2021-44432",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-44432"
    },
    {
      "name": "CVE-2021-44445",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-44445"
    },
    {
      "name": "CVE-2021-31884",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31884"
    },
    {
      "name": "CVE-2021-44434",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-44434"
    },
    {
      "name": "CVE-2021-44449",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-44449"
    },
    {
      "name": "CVE-2019-15681",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-15681"
    },
    {
      "name": "CVE-2021-44435",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-44435"
    },
    {
      "name": "CVE-2021-42023",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-42023"
    },
    {
      "name": "CVE-2021-44442",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-44442"
    },
    {
      "name": "CVE-2021-44002",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-44002"
    },
    {
      "name": "CVE-2021-44014",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-44014"
    },
    {
      "name": "CVE-2021-44436",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-44436"
    },
    {
      "name": "CVE-2021-31882",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31882"
    },
    {
      "name": "CVE-2021-44438",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-44438"
    },
    {
      "name": "CVE-2021-44006",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-44006"
    },
    {
      "name": "CVE-2021-41547",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-41547"
    },
    {
      "name": "CVE-2021-44008",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-44008"
    },
    {
      "name": "CVE-2021-44017",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-44017"
    },
    {
      "name": "CVE-2021-44441",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-44441"
    },
    {
      "name": "CVE-2021-44011",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-44011"
    },
    {
      "name": "CVE-2018-20748",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-20748"
    },
    {
      "name": "CVE-2019-20788",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-20788"
    },
    {
      "name": "CVE-2021-44446",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-44446"
    },
    {
      "name": "CVE-2021-44010",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-44010"
    },
    {
      "name": "CVE-2021-44522",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-44522"
    },
    {
      "name": "CVE-2021-44448",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-44448"
    },
    {
      "name": "CVE-2021-44523",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-44523"
    },
    {
      "name": "CVE-2019-20840",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-20840"
    },
    {
      "name": "CVE-2021-31346",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31346"
    },
    {
      "name": "CVE-2018-20750",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-20750"
    },
    {
      "name": "CVE-2021-42022",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-42022"
    },
    {
      "name": "CVE-2021-44433",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-44433"
    },
    {
      "name": "CVE-2021-44004",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-44004"
    },
    {
      "name": "CVE-2017-18922",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-18922"
    },
    {
      "name": "CVE-2021-44524",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-44524"
    },
    {
      "name": "CVE-2021-44003",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-44003"
    },
    {
      "name": "CVE-2021-44007",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-44007"
    },
    {
      "name": "CVE-2021-42024",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-42024"
    },
    {
      "name": "CVE-2019-20839",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-20839"
    },
    {
      "name": "CVE-2021-44431",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-44431"
    },
    {
      "name": "CVE-2021-31889",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31889"
    },
    {
      "name": "CVE-2021-44005",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-44005"
    },
    {
      "name": "CVE-2020-14402",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14402"
    },
    {
      "name": "CVE-2020-14397",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14397"
    },
    {
      "name": "CVE-2021-31883",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31883"
    },
    {
      "name": "CVE-2020-14398",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14398"
    },
    {
      "name": "CVE-2020-14403",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14403"
    },
    {
      "name": "CVE-2021-44439",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-44439"
    },
    {
      "name": "CVE-2021-44015",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-44015"
    },
    {
      "name": "CVE-2021-44437",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-44437"
    },
    {
      "name": "CVE-2021-31886",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31886"
    },
    {
      "name": "CVE-2021-44450",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-44450"
    },
    {
      "name": "CVE-2021-42027",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-42027"
    },
    {
      "name": "CVE-2021-31890",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31890"
    },
    {
      "name": "CVE-2020-14405",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14405"
    },
    {
      "name": "CVE-2021-31345",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31345"
    },
    {
      "name": "CVE-2018-20019",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-20019"
    },
    {
      "name": "CVE-2018-15127",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-15127"
    },
    {
      "name": "CVE-2018-21247",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-21247"
    },
    {
      "name": "CVE-2021-44165",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-44165"
    },
    {
      "name": "CVE-2021-31344",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31344"
    },
    {
      "name": "CVE-2020-14401",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14401"
    }
  ],
  "initial_release_date": "2021-12-15T00:00:00",
  "last_revision_date": "2021-12-15T00:00:00",
  "links": [],
  "reference": "CERTFR-2021-AVI-949",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2021-12-15T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "D\u00e9ni de service"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nSiemens. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nune ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service et un\ncontournement de la politique de s\u00e9curit\u00e9.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Siemens",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-620288 du 14 d\u00e9cembre 2021",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-620288.pdf"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-133772 du 14 d\u00e9cembre 2021",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-133772.pdf"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-199605 du 14 d\u00e9cembre 2021",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-199605.pdf"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-595101 du 14 d\u00e9cembre 2021",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-595101.pdf"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-496292 du 14 d\u00e9cembre 2021",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-496292.pdf"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-400332 du 14 d\u00e9cembre 2021",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-400332.pdf"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-463116 du 14 d\u00e9cembre 2021",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-463116.pdf"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-523250 du 14 d\u00e9cembre 2021",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-523250.pdf"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-352143 du 14 d\u00e9cembre 2021",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-352143.pdf"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-390195 du 14 d\u00e9cembre 2021",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-390195.pdf"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-396621 du 14 d\u00e9cembre 2021",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-396621.pdf"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-802578 du 14 d\u00e9cembre 2021",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-802578.pdf"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-160202 du 14 d\u00e9cembre 2021",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-160202.pdf"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-161331 du 14 d\u00e9cembre 2021",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-161331.pdf"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-114589 du 14 d\u00e9cembre 2021",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-114589.pdf"
    }
  ]
}

CNVD-2021-100368

Vulnerability from cnvd - Published: 2021-12-16

Title

POWER METER SICAM Q100远程代码执行漏洞

Description

POWER METER SICAM Q100是一种多功能设备，用于检测、报告和分析测量值和事件。 POWER METER SICAM Q100远程代码执行漏洞，远程攻击者可利用该漏洞执行远程代码。

Severity

高

Patch Name

POWER METER SICAM Q100远程代码执行漏洞的补丁

Patch Description

POWER METER SICAM Q100是一种多功能设备，用于检测、报告和分析测量值和事件。 POWER METER SICAM Q100远程代码执行漏洞，远程攻击者可利用该漏洞执行远程代码。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

厂商已提供漏洞修补方案，请关注厂商主页及时更新： https://cert-portal.siemens.com/productcert/pdf/ssa-496292.pdf

Reference

https://cert-portal.siemens.com/productcert/pdf/ssa-496292.pdf

Impacted products

Name
['SIEMENS POWER METER SICAM Q100 (7KG9501-0AA01- 0AA1) <V2.41', 'SIEMENS POWER METER SICAM Q100 (7KG9501-0AA01- 2AA1) <V2.41', 'SIEMENS POWER METER SICAM Q100 (7KG9501-0AA31- 2AA1) <V2.41']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2021-44165"
    }
  },
  "description": "POWER METER SICAM Q100\u662f\u4e00\u79cd\u591a\u529f\u80fd\u8bbe\u5907\uff0c\u7528\u4e8e\u68c0\u6d4b\u3001\u62a5\u544a\u548c\u5206\u6790\u6d4b\u91cf\u503c\u548c\u4e8b\u4ef6\u3002\n\nPOWER METER SICAM Q100\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\uff0c\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u6267\u884c\u8fdc\u7a0b\u4ee3\u7801\u3002",
  "formalWay": "\u5382\u5546\u5df2\u63d0\u4f9b\u6f0f\u6d1e\u4fee\u8865\u65b9\u6848\uff0c\u8bf7\u5173\u6ce8\u5382\u5546\u4e3b\u9875\u53ca\u65f6\u66f4\u65b0\uff1a\r\nhttps://cert-portal.siemens.com/productcert/pdf/ssa-496292.pdf",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2021-100368",
  "openTime": "2021-12-16",
  "patchDescription": "POWER METER SICAM Q100\u662f\u4e00\u79cd\u591a\u529f\u80fd\u8bbe\u5907\uff0c\u7528\u4e8e\u68c0\u6d4b\u3001\u62a5\u544a\u548c\u5206\u6790\u6d4b\u91cf\u503c\u548c\u4e8b\u4ef6\u3002\r\n\r\nPOWER METER SICAM Q100\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\uff0c\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u6267\u884c\u8fdc\u7a0b\u4ee3\u7801\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "POWER METER SICAM Q100\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "SIEMENS POWER METER SICAM Q100 (7KG9501-0AA01- 0AA1) \u003cV2.41",
      "SIEMENS POWER METER SICAM Q100 (7KG9501-0AA01- 2AA1) \u003cV2.41",
      "SIEMENS POWER METER SICAM Q100 (7KG9501-0AA31- 2AA1) \u003cV2.41"
    ]
  },
  "referenceLink": "https://cert-portal.siemens.com/productcert/pdf/ssa-496292.pdf",
  "serverity": "\u9ad8",
  "submitTime": "2021-12-16",
  "title": "POWER METER SICAM Q100\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2021-44165 (GCVE-0-2021-44165)

FKIE_CVE-2021-44165

GHSA-RWP6-CPW3-HXXX

CVE-2021-44165

GSD-2021-44165

CERTFR-2021-AVI-949

Solution

CNVD-2021-100368

Tags

Sightings

Nomenclature