VYPR
← All advisories
Unrated severityNVD Advisory· Published Nov 9, 2021· Updated Aug 3, 2024

CVE-2021-31888

CVE-2021-31888

Description

A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC) (P2 Ethernet) (All versions), APOGEE MEC (PPC) (BACnet) (All versions), APOGEE MEC (PPC) (P2 Ethernet) (All versions), APOGEE PXC Compact (BACnet) (All versions < V3.5.4), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.19), APOGEE PXC Modular (BACnet) (All versions < V3.5.4), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.19), Desigo PXC00-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC00-U (All versions >= V2.3 and < V6.30.016), Desigo PXC001-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC100-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC12-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC128-U (All versions >= V2.3 and < V6.30.016), Desigo PXC200-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC22-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC22.1-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC36.1-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC50-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC64-U (All versions >= V2.3 and < V6.30.016), Desigo PXM20-E (All versions >= V2.3 and < V6.30.016), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.4), Nucleus Source Code (All versions), TALON TC Compact (BACnet) (All versions < V3.5.4), TALON TC Modular (BACnet) (All versions < V3.5.4). FTP server does not properly validate the length of the “MKD/XMKD” command, leading to stack-based buffer overflows. This may result in Denial-of-Service conditions and Remote Code Execution. (FSMD-2021-0018)

Affected products

26
  • Siemens/APOGEE MBC (PPC) (BACnet)v5
    Range: All versions
  • Siemens Foundation/APOGEE PXC Modular (P2 Ethernet)cpe-rescue3 versions
    All versions+ 2 more
    • (no CPE)range: All versions
    • (no CPE)range: All versions
    • (no CPE)range: All versions < V2.8.19
  • Siemens/APOGEE MEC (PPC) (BACnet)v5
    Range: All versions
  • Siemens Foundation/APOGEE PXC Compact (BACnet)cpe-rescue
    Range: All versions < V3.5.4
  • Siemens Foundation/APOGEE PXC Compact (P2 Ethernet)cpe-rescue
    Range: All versions < V2.8.19
  • Siemens Foundation/APOGEE PXC Modular (BACnet)cpe-rescue
    Range: All versions < V3.5.4
  • Siemens/Desigo PXC001-E.Dv5
    Range: All versions >= V2.3 and < V6.30.016
  • Siemens/Desigo PXC00-E.Dv5
    Range: All versions >= V2.3 and < V6.30.016
  • Siemens/Desigo PXC00-Uv5
    Range: All versions >= V2.3 and < V6.30.016
  • Siemens/Desigo PXC100-E.Dv5
    Range: All versions >= V2.3 and < V6.30.016
  • Siemens/Desigo PXC128-Uv5
    Range: All versions >= V2.3 and < V6.30.016
  • Siemens/Desigo PXC12-E.Dv5
    Range: All versions >= V2.3 and < V6.30.016
  • Siemens/Desigo PXC200-E.Dv5
    Range: All versions >= V2.3 and < V6.30.016
  • Siemens/Desigo PXC22.1-E.Dv5
    Range: All versions >= V2.3 and < V6.30.016
  • Siemens/Desigo PXC22-E.Dv5
    Range: All versions >= V2.3 and < V6.30.016
  • Siemens/Desigo PXC36.1-E.Dv5
    Range: All versions >= V2.3 and < V6.30.016
  • Siemens/Desigo PXC50-E.Dv5
    Range: All versions >= V2.3 and < V6.30.016
  • Siemens/Desigo PXC64-Uv5
    Range: All versions >= V2.3 and < V6.30.016
  • Siemens/Desigo PXM20-Ev5
    Range: All versions >= V2.3 and < V6.30.016
  • Siemens Foundation/Nucleus NETcpe-rescue
    Range: All versions
  • Siemens Foundation/Nucleus ReadyStart V3 V2012cpe-rescue
    Range: All versions < V2017.02.4
  • Siemens/Nucleus Source Codev5
    Range: All versions
  • Siemens Foundation/TALON TC Compact (BACnet)cpe-rescue
    Range: All versions < V3.5.4
  • Siemens Foundation/TALON TC Modular (BACnet)cpe-rescue
    Range: All versions < V3.5.4

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

2

News mentions

0

No linked articles in our index yet.