CVE-2021-31345

CVSS 7.5 HIGH | EPSS 1.6% | CWE-1284
In short

A flaw in Capital Embedded AR Classic and PLUSCONTROL fails to validate the total length of UDP data packets, allowing attackers to send malformed packets that can expose sensitive information or crash the system.

Technical detail

The total length of a UDP payload, which is set in the IP header, is not validated. Remote attackers can send crafted UDP packets with invalid length fields to trigger information disclosure or denial-of-service conditions in dependent applications. Exploitation requires network access to the affected device and depends on the specific application-layer implementation.

Summary generated and translated by AI from the official description.
A vulnerability has been identified in Capital Embedded AR Classic 431-422 (All versions), Capital Embedded AR Classic R20-11 (All versions < V2303), PLUSCONTROL 1st Gen (All versions). The total length of a UDP payload (set in the IP header) is unchecked. This may lead to various side effects, including Information Leak and Denial-of-Service conditions, depending on user-defined applications that run on top of the UDP protocol. (FSMD-2021-0006)
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
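
The kind of length check the description says is missing, as an added example (not code from the affected products or from the advisory): a receiver compares the IPv4 total length and the UDP length against the bytes actually received before exposing a payload to the application. The function names, the unfragmented-IPv4 assumption and the sample packet are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

static uint16_t rd16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); }

/* Returns the UDP payload length and sets *payload, or -1 if any length
 * field is inconsistent. Assumes an unfragmented IPv4 datagram in pkt. */
long udp_payload_len(const uint8_t *pkt, size_t captured, const uint8_t **payload)
{
    if (captured < 20 || (pkt[0] >> 4) != 4) return -1;  /* IPv4 header present */
    size_t ihl = (size_t)(pkt[0] & 0x0F) * 4;
    if (ihl < 20 || ihl > captured) return -1;
    if (pkt[9] != 17) return -1;                  /* not UDP */
    if (rd16(pkt + 6) & 0x3FFF) return -1;        /* fragments not handled here */

    size_t ip_total = rd16(pkt + 2);              /* total length from IP header */
    if (ip_total > captured) return -1;           /* claims more than was received */
    if (ip_total < ihl + 8) return -1;            /* no room for a UDP header */

    size_t udp_len = rd16(pkt + ihl + 4);         /* UDP header + data */
    if (udp_len < 8 || udp_len > ip_total - ihl) return -1;

    *payload = pkt + ihl + 8;
    return (long)(udp_len - 8);
}

/* Constructed sample: 20-byte IPv4 header, 8-byte UDP header, 4 data bytes,
 * with caller-chosen length fields (captured must be <= 32). */
long check_sample(uint16_t ip_total, uint16_t udp_len, size_t captured)
{
    uint8_t pkt[32] = {0};
    const uint8_t *payload = NULL;
    pkt[0] = 0x45;
    pkt[9] = 17;
    pkt[2] = (uint8_t)(ip_total >> 8);  pkt[3] = (uint8_t)ip_total;
    pkt[24] = (uint8_t)(udp_len >> 8);  pkt[25] = (uint8_t)udp_len;
    return udp_payload_len(pkt, captured, &payload);
}

int main(void)
{
    printf("consistent lengths:      %ld\n", check_sample(32, 12, 32));
    printf("IP total > received:     %ld\n", check_sample(1500, 12, 32));
    printf("UDP length > IP payload: %ld\n", check_sample(32, 1000, 32));
    return 0;
}
```

An application that sizes its reads from the returned length, rather than from a header field it has not cross-checked, cannot be steered past the end of the received buffer by these fields.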
