High severity7.5NVD Advisory· Published Aug 19, 2021· Updated Jun 17, 2026
CVE-2021-31401
CVE-2021-31401
Description
An issue was discovered in tcp_rcv() in nptcp.c in HCC embedded InterNiche 4.0.1. The TCP header processing code doesn't sanitize the value of the IP total length field (header length + data length). With a crafted IP packet, an integer overflow occurs whenever the value of the IP data length is calculated by subtracting the length of the header from the total length of the IP packet.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3- HCC embedded/InterNichedescription
- Range: = 4.0.1
- Range: = 4.0.1
Patches
Vulnerability mechanics
References
3- cert-portal.siemens.com/productcert/pdf/ssa-789208.pdfnvdMitigationThird Party Advisory
- www.forescout.com/blog/new-critical-operational-technology-vulnerabilities-found-on-nichestack/nvdMitigationThird Party Advisory
- www.kb.cert.org/vuls/id/608209nvdThird Party AdvisoryUS Government Resource
News mentions
0No linked articles in our index yet.