High severity7.5NVD Advisory· Published Nov 9, 2021· Updated Jun 17, 2026
CVE-2021-31889
CVE-2021-31889
Description
A vulnerability has been identified in Capital Embedded AR Classic 431-422 (All versions), Capital Embedded AR Classic R20-11 (All versions < V2303), PLUSCONTROL 1st Gen (All versions), SIMOTICS CONNECT 400 (All versions < V0.5.0.0). Malformed TCP packets with a corrupted SACK option leads to Information Leaks and Denial-of-Service conditions. (FSMD-2021-0015)
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
8< V0.5.0.0+ 1 more
- (no CPE)range: < V0.5.0.0
- (no CPE)range: All versions < V0.5.0.0
All versions+ 1 more
- (no CPE)range: All versions
- (no CPE)range: 0
< V2303+ 1 more
- (no CPE)range: < V2303
- (no CPE)range: 0
All versions+ 1 more
- (no CPE)range: All versions
- (no CPE)range: All versions
Patches
Vulnerability mechanics
References
10- cert-portal.siemens.com/productcert/pdf/ssa-044112.pdfnvdVendor Advisory
- cert-portal.siemens.com/productcert/pdf/ssa-114589.pdfnvdVendor Advisory
- cert-portal.siemens.com/productcert/html/ssa-044112.htmlnvd
- cert-portal.siemens.com/productcert/html/ssa-114589.htmlnvd
- cert-portal.siemens.com/productcert/html/ssa-223353.htmlnvd
- cert-portal.siemens.com/productcert/html/ssa-620288.htmlnvd
- cert-portal.siemens.com/productcert/html/ssa-845392.htmlnvd
- cert-portal.siemens.com/productcert/pdf/ssa-223353.pdfnvd
- cert-portal.siemens.com/productcert/pdf/ssa-620288.pdfnvd
- cert-portal.siemens.com/productcert/pdf/ssa-845392.pdfnvd
News mentions
0No linked articles in our index yet.