CVE-2021-25660

Published: May 12, 2021Modified: Jun 2, 2026

7.5

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Exploitability: 3.9 / Impact: 3.6

Source: NVD

Description

A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\" - 22\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions < V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions < V16 Update 4). SmartVNC has an out-of-bounds memory access vulnerability that could be triggered on the server side when sending data from the client, which could result in a Denial-of-Service condition.

Affected (121)

Products: Siemens: Simatic Hmi Comfort Outdoor Panels 7" Firmware, Simatic Hmi Comfort Outdoor Panels 15" Firmware, Simatic Hmi Comfort Panels 4" Firmware, Simatic Hmi Comfort Panels 22" Firmware, Simatic Hmi Ktp Mobile Panels Ktp400f Firmware, Simatic Hmi Ktp Mobile Panels Ktp700 Firmware, Simatic Hmi Ktp Mobile Panels Ktp700f Firmware, Simatic Hmi Ktp Mobile Panels Ktp900 Firmware, Simatic Hmi Ktp Mobile Panels Ktp900f Firmware, Simatic Wincc Runtime Advanced

Siemens

10 products

Simatic Hmi Comfort Outdoor Panels 7" Firmware

Simatic Hmi Comfort Outdoor Panels 15" Firmware

Simatic Hmi Comfort Panels 4" Firmware

Simatic Hmi Comfort Panels 22" Firmware

Simatic Hmi Ktp Mobile Panels Ktp400f Firmware

Simatic Hmi Ktp Mobile Panels Ktp700 Firmware

Simatic Hmi Ktp Mobile Panels Ktp700f Firmware

Simatic Hmi Ktp Mobile Panels Ktp900 Firmware

Simatic Hmi Ktp Mobile Panels Ktp900f Firmware

Simatic Wincc Runtime Advanced

Configuration A

5 vulnerable

Vulnerable Software	Affected Versions
Siemens Simatic Hmi Comfort Outdoor Panels 7" Firmware	Before 16
Siemens Simatic Hmi Comfort Outdoor Panels 7" Firmware	Version 16
Siemens Simatic Hmi Comfort Outdoor Panels 7" Firmware	Version 16 update1
Siemens Simatic Hmi Comfort Outdoor Panels 7" Firmware	Version 16 update2
Siemens Simatic Hmi Comfort Outdoor Panels 7" Firmware	Version 16 update3

Configuration B

6 vulnerable

Vulnerable Software	Affected Versions
Siemens Simatic Hmi Comfort Outdoor Panels 15" Firmware	Before 16
Siemens Simatic Hmi Comfort Outdoor Panels 15" Firmware	Version 16
Siemens Simatic Hmi Comfort Outdoor Panels 15" Firmware	Version 16
Siemens Simatic Hmi Comfort Outdoor Panels 15" Firmware	Version 16 update1
Siemens Simatic Hmi Comfort Outdoor Panels 15" Firmware	Version 16 update2
Siemens Simatic Hmi Comfort Outdoor Panels 15" Firmware	Version 16 update3

Configuration C

5 vulnerable

Vulnerable Software	Affected Versions
Siemens Simatic Hmi Comfort Panels 4" Firmware	Before 16
Siemens Simatic Hmi Comfort Panels 4" Firmware	Version 16
Siemens Simatic Hmi Comfort Panels 4" Firmware	Version 16 update1
Siemens Simatic Hmi Comfort Panels 4" Firmware	Version 16 update2
Siemens Simatic Hmi Comfort Panels 4" Firmware	Version 16 update3

Configuration D

5 vulnerable

Vulnerable Software	Affected Versions
Siemens Simatic Hmi Comfort Panels 22" Firmware	Before 16
Siemens Simatic Hmi Comfort Panels 22" Firmware	Version 16
Siemens Simatic Hmi Comfort Panels 22" Firmware	Version 16 update1
Siemens Simatic Hmi Comfort Panels 22" Firmware	Version 16 update2
Siemens Simatic Hmi Comfort Panels 22" Firmware	Version 16 update3

Configuration E

5 vulnerable

Vulnerable Software	Affected Versions
Siemens Simatic Hmi Ktp Mobile Panels Ktp400f Firmware	Before 16
Siemens Simatic Hmi Ktp Mobile Panels Ktp400f Firmware	Version 16
Siemens Simatic Hmi Ktp Mobile Panels Ktp400f Firmware	Version 16 update1
Siemens Simatic Hmi Ktp Mobile Panels Ktp400f Firmware	Version 16 update2
Siemens Simatic Hmi Ktp Mobile Panels Ktp400f Firmware	Version 16 update3

Configuration F

5 vulnerable

Vulnerable Software	Affected Versions
Siemens Simatic Hmi Ktp Mobile Panels Ktp700 Firmware	Before 16
Siemens Simatic Hmi Ktp Mobile Panels Ktp700 Firmware	Version 16
Siemens Simatic Hmi Ktp Mobile Panels Ktp700 Firmware	Version 16 update1
Siemens Simatic Hmi Ktp Mobile Panels Ktp700 Firmware	Version 16 update2
Siemens Simatic Hmi Ktp Mobile Panels Ktp700 Firmware	Version 16 update3

Configuration G

5 vulnerable

Vulnerable Software	Affected Versions
Siemens Simatic Hmi Ktp Mobile Panels Ktp700f Firmware	Before 16
Siemens Simatic Hmi Ktp Mobile Panels Ktp700f Firmware	Version 16
Siemens Simatic Hmi Ktp Mobile Panels Ktp700f Firmware	Version 16 update1
Siemens Simatic Hmi Ktp Mobile Panels Ktp700f Firmware	Version 16 update2
Siemens Simatic Hmi Ktp Mobile Panels Ktp700f Firmware	Version 16 update3

Configuration H

5 vulnerable

Vulnerable Software	Affected Versions
Siemens Simatic Hmi Ktp Mobile Panels Ktp900 Firmware	Before 16
Siemens Simatic Hmi Ktp Mobile Panels Ktp900 Firmware	Version 16
Siemens Simatic Hmi Ktp Mobile Panels Ktp900 Firmware	Version 16 update1
Siemens Simatic Hmi Ktp Mobile Panels Ktp900 Firmware	Version 16 update2
Siemens Simatic Hmi Ktp Mobile Panels Ktp900 Firmware	Version 16 update3

Configuration I

5 vulnerable

Vulnerable Software	Affected Versions
Siemens Simatic Hmi Ktp Mobile Panels Ktp900f Firmware	Before 16
Siemens Simatic Hmi Ktp Mobile Panels Ktp900f Firmware	Version 16
Siemens Simatic Hmi Ktp Mobile Panels Ktp900f Firmware	Version 16 update1
Siemens Simatic Hmi Ktp Mobile Panels Ktp900f Firmware	Version 16 update2
Siemens Simatic Hmi Ktp Mobile Panels Ktp900f Firmware	Version 16 update3

Configuration J

5 vulnerable

Vulnerable Software	Affected Versions
Siemens Simatic Wincc Runtime Advanced	Before 16
Siemens Simatic Wincc Runtime Advanced	Version 16
Siemens Simatic Wincc Runtime Advanced	Version 16 update1
Siemens Simatic Wincc Runtime Advanced	Version 16 update2
Siemens Simatic Wincc Runtime Advanced	Version 16 update3

Configuration K

7 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Simatic Hmi Comfort Outdoor Panels 7" Firmware	Before 15.1
Siemens Simatic Hmi Comfort Outdoor Panels 7" Firmware	Version 15.1
Siemens Simatic Hmi Comfort Outdoor Panels 7" Firmware	Version 15.1 update1
Siemens Simatic Hmi Comfort Outdoor Panels 7" Firmware	Version 15.1 update2
Siemens Simatic Hmi Comfort Outdoor Panels 7" Firmware	Version 15.1 update3
Siemens Simatic Hmi Comfort Outdoor Panels 7" Firmware	Version 15.1 update4
Siemens Simatic Hmi Comfort Outdoor Panels 7" Firmware	Version 15.1 update5

Running on/with	Platform Versions
Siemens Simatic Hmi Comfort Outdoor Panels 7"	All versions

Configuration L

7 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Simatic Hmi Comfort Outdoor Panels 15" Firmware	Before 15.1
Siemens Simatic Hmi Comfort Outdoor Panels 15" Firmware	Version 15.1
Siemens Simatic Hmi Comfort Outdoor Panels 15" Firmware	Version 15.1 update1
Siemens Simatic Hmi Comfort Outdoor Panels 15" Firmware	Version 15.1 update2
Siemens Simatic Hmi Comfort Outdoor Panels 15" Firmware	Version 15.1 update3
Siemens Simatic Hmi Comfort Outdoor Panels 15" Firmware	Version 15.1 update4
Siemens Simatic Hmi Comfort Outdoor Panels 15" Firmware	Version 15.1 update5

Running on/with	Platform Versions
Siemens Simatic Hmi Comfort Outdoor Panels 15"	All versions

Configuration M

7 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Simatic Hmi Comfort Panels 4" Firmware	Before 15.1
Siemens Simatic Hmi Comfort Panels 4" Firmware	Version 15.1
Siemens Simatic Hmi Comfort Panels 4" Firmware	Version 15.1 update1
Siemens Simatic Hmi Comfort Panels 4" Firmware	Version 15.1 update2
Siemens Simatic Hmi Comfort Panels 4" Firmware	Version 15.1 update3
Siemens Simatic Hmi Comfort Panels 4" Firmware	Version 15.1 update4
Siemens Simatic Hmi Comfort Panels 4" Firmware	Version 15.1 update5

Running on/with	Platform Versions
Siemens Simatic Hmi Comfort Panels 4"	All versions

Configuration N

7 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Simatic Hmi Comfort Panels 22" Firmware	Before 15.1
Siemens Simatic Hmi Comfort Panels 22" Firmware	Version 15.1
Siemens Simatic Hmi Comfort Panels 22" Firmware	Version 15.1 update1
Siemens Simatic Hmi Comfort Panels 22" Firmware	Version 15.1 update2
Siemens Simatic Hmi Comfort Panels 22" Firmware	Version 15.1 update3
Siemens Simatic Hmi Comfort Panels 22" Firmware	Version 15.1 update4
Siemens Simatic Hmi Comfort Panels 22" Firmware	Version 15.1 update5

Running on/with	Platform Versions
Siemens Simatic Hmi Comfort Panels 22"	All versions

Configuration O

7 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Simatic Hmi Ktp Mobile Panels Ktp400f Firmware	Before 15.1
Siemens Simatic Hmi Ktp Mobile Panels Ktp400f Firmware	Version 15.1
Siemens Simatic Hmi Ktp Mobile Panels Ktp400f Firmware	Version 15.1 update1
Siemens Simatic Hmi Ktp Mobile Panels Ktp400f Firmware	Version 15.1 update2
Siemens Simatic Hmi Ktp Mobile Panels Ktp400f Firmware	Version 15.1 update3
Siemens Simatic Hmi Ktp Mobile Panels Ktp400f Firmware	Version 15.1 update4
Siemens Simatic Hmi Ktp Mobile Panels Ktp400f Firmware	Version 15.1 update5

Running on/with	Platform Versions
Siemens Simatic Hmi Ktp Mobile Panels Ktp400f	All versions

Configuration P

7 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Simatic Hmi Ktp Mobile Panels Ktp700 Firmware	Before 15.1
Siemens Simatic Hmi Ktp Mobile Panels Ktp700 Firmware	Version 15.1
Siemens Simatic Hmi Ktp Mobile Panels Ktp700 Firmware	Version 15.1 update1
Siemens Simatic Hmi Ktp Mobile Panels Ktp700 Firmware	Version 15.1 update2
Siemens Simatic Hmi Ktp Mobile Panels Ktp700 Firmware	Version 15.1 update3
Siemens Simatic Hmi Ktp Mobile Panels Ktp700 Firmware	Version 15.1 update4
Siemens Simatic Hmi Ktp Mobile Panels Ktp700 Firmware	Version 15.1 update5

Running on/with	Platform Versions
Siemens Simatic Hmi Ktp Mobile Panels Ktp700	All versions

Configuration Q

7 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Simatic Hmi Ktp Mobile Panels Ktp700f Firmware	Before 15.1
Siemens Simatic Hmi Ktp Mobile Panels Ktp700f Firmware	Version 15.1
Siemens Simatic Hmi Ktp Mobile Panels Ktp700f Firmware	Version 15.1 update1
Siemens Simatic Hmi Ktp Mobile Panels Ktp700f Firmware	Version 15.1 update2
Siemens Simatic Hmi Ktp Mobile Panels Ktp700f Firmware	Version 15.1 update3
Siemens Simatic Hmi Ktp Mobile Panels Ktp700f Firmware	Version 15.1 update4
Siemens Simatic Hmi Ktp Mobile Panels Ktp700f Firmware	Version 15.1 update5

Running on/with	Platform Versions
Siemens Simatic Hmi Ktp Mobile Panels Ktp700f	All versions

Configuration R

7 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Simatic Hmi Ktp Mobile Panels Ktp900 Firmware	Before 15.1
Siemens Simatic Hmi Ktp Mobile Panels Ktp900 Firmware	Version 15.1
Siemens Simatic Hmi Ktp Mobile Panels Ktp900 Firmware	Version 15.1 update1
Siemens Simatic Hmi Ktp Mobile Panels Ktp900 Firmware	Version 15.1 update2
Siemens Simatic Hmi Ktp Mobile Panels Ktp900 Firmware	Version 15.1 update3
Siemens Simatic Hmi Ktp Mobile Panels Ktp900 Firmware	Version 15.1 update4
Siemens Simatic Hmi Ktp Mobile Panels Ktp900 Firmware	Version 15.1 update5

Running on/with	Platform Versions
Siemens Simatic Hmi Ktp Mobile Panels Ktp900	All versions

Configuration S

7 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Simatic Hmi Ktp Mobile Panels Ktp900f Firmware	Before 15.1
Siemens Simatic Hmi Ktp Mobile Panels Ktp900f Firmware	Version 15.1
Siemens Simatic Hmi Ktp Mobile Panels Ktp900f Firmware	Version 15.1 update1
Siemens Simatic Hmi Ktp Mobile Panels Ktp900f Firmware	Version 15.1 update2
Siemens Simatic Hmi Ktp Mobile Panels Ktp900f Firmware	Version 15.1 update3
Siemens Simatic Hmi Ktp Mobile Panels Ktp900f Firmware	Version 15.1 update4
Siemens Simatic Hmi Ktp Mobile Panels Ktp900f Firmware	Version 15.1 update5

Running on/with	Platform Versions
Siemens Simatic Hmi Ktp Mobile Panels Ktp900f	All versions

Configuration T

7 vulnerable

Vulnerable Software	Affected Versions
Siemens Simatic Wincc Runtime Advanced	Before 15.1
Siemens Simatic Wincc Runtime Advanced	Version 15.1
Siemens Simatic Wincc Runtime Advanced	Version 15.1 update1
Siemens Simatic Wincc Runtime Advanced	Version 15.1 update2
Siemens Simatic Wincc Runtime Advanced	Version 15.1 update3
Siemens Simatic Wincc Runtime Advanced	Version 15.1 update4
Siemens Simatic Wincc Runtime Advanced	Version 15.1 update5

Related CWEs

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

CWE-788

Access of Memory Location After End of Buffer

The product reads or writes to a buffer using an index or pointer that references a memory location after the end of the buffer.

References (2)

https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf

Source: productcert@siemens.com

PatchVendor Advisory

https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

Timeline

No history available yet.