← Back

CVE-2021-27385

nvd nist
Published: May 12, 2021Modified: Jun 2, 2026

JSON object

Loading...
7.5
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Exploitability: 3.9 / Impact: 3.6
Source: NVD

Description

A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\" - 22\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions < V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions < V16 Update 4), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (with option X30) (All versions), SINAMICS SH150 (All versions), SINAMICS SL150 (All versions), SINAMICS SM120 (All versions), SINAMICS SM150 (All versions), SINAMICS SM150i (All versions). A remote attacker could send specially crafted packets to SmartVNC device layout handler on client side, which could influence the amount of resources consumed and result in a Denial-of-Service (infinite loop) condition.

Affected (129)

Siemens
18 products
Simatic Wincc Runtime Advanced
Sinamics Sh150 Firmware
Sinamics Sm150i Firmware
Sinamics Gh150 Firmware
Sinamics Gl150 Firmware
Sinamics Gm150 Firmware
Sinamics Sl150 Firmware
Sinamics Sm120 Firmware
Sinamics Sm150 Firmware
Simatic Hmi Comfort Outdoor Panels 7" Firmware
Simatic Hmi Comfort Outdoor Panels 15" Firmware
Simatic Hmi Comfort Panels 4" Firmware
Simatic Hmi Comfort Panels 22" Firmware
Simatic Hmi Ktp Mobile Panels Ktp400f Firmware
Simatic Hmi Ktp Mobile Panels Ktp700 Firmware
Simatic Hmi Ktp Mobile Panels Ktp700f Firmware
Simatic Hmi Ktp Mobile Panels Ktp900 Firmware
Simatic Hmi Ktp Mobile Panels Ktp900f Firmware
Configuration A
5 vulnerable
Vulnerable SoftwareAffected Versions
Siemens
Simatic Wincc Runtime Advanced
Before 16
Simatic Wincc Runtime Advanced
Version 16
Simatic Wincc Runtime Advanced
Version 16 update1
Simatic Wincc Runtime Advanced
Version 16 update2
Simatic Wincc Runtime Advanced
Version 16 update3
Configuration B
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sinamics Sh150 Firmware
All versions
Running on/withPlatform Versions
Siemens
Sinamics Sh150
All versions
Configuration C
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sinamics Sm150i Firmware
All versions
Running on/withPlatform Versions
Siemens
Sinamics Sm150i
All versions
Configuration D
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sinamics Gh150 Firmware
All versions
Running on/withPlatform Versions
Siemens
Sinamics Gh150
All versions
Configuration E
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sinamics Gl150 Firmware
All versions
Running on/withPlatform Versions
Siemens
Sinamics Gl150
All versions
Configuration F
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sinamics Gm150 Firmware
All versions
Running on/withPlatform Versions
Siemens
Sinamics Gm150
All versions
Configuration G
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sinamics Sl150 Firmware
All versions
Running on/withPlatform Versions
Siemens
Sinamics Sl150
All versions
Configuration H
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sinamics Sm120 Firmware
All versions
Running on/withPlatform Versions
Siemens
Sinamics Sm120
All versions
Configuration I
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sinamics Sm150 Firmware
All versions
Running on/withPlatform Versions
Siemens
Sinamics Sm150
All versions
Configuration J
5 vulnerable
Vulnerable SoftwareAffected Versions
Siemens
Simatic Hmi Comfort Outdoor Panels 7" Firmware
Before 16
Simatic Hmi Comfort Outdoor Panels 7" Firmware
Version 16
Simatic Hmi Comfort Outdoor Panels 7" Firmware
Version 16 update1
Simatic Hmi Comfort Outdoor Panels 7" Firmware
Version 16 update2
Simatic Hmi Comfort Outdoor Panels 7" Firmware
Version 16 update3
Configuration K
6 vulnerable
Vulnerable SoftwareAffected Versions
Siemens
Simatic Hmi Comfort Outdoor Panels 15" Firmware
Before 16
Simatic Hmi Comfort Outdoor Panels 15" Firmware
Version 16
Simatic Hmi Comfort Outdoor Panels 15" Firmware
Version 16
Simatic Hmi Comfort Outdoor Panels 15" Firmware
Version 16 update1
Simatic Hmi Comfort Outdoor Panels 15" Firmware
Version 16 update2
Simatic Hmi Comfort Outdoor Panels 15" Firmware
Version 16 update3
Configuration L
5 vulnerable
Vulnerable SoftwareAffected Versions
Siemens
Simatic Hmi Comfort Panels 4" Firmware
Before 16
Simatic Hmi Comfort Panels 4" Firmware
Version 16
Simatic Hmi Comfort Panels 4" Firmware
Version 16 update1
Simatic Hmi Comfort Panels 4" Firmware
Version 16 update2
Simatic Hmi Comfort Panels 4" Firmware
Version 16 update3
Configuration M
5 vulnerable
Vulnerable SoftwareAffected Versions
Siemens
Simatic Hmi Comfort Panels 22" Firmware
Before 16
Simatic Hmi Comfort Panels 22" Firmware
Version 16
Simatic Hmi Comfort Panels 22" Firmware
Version 16 update1
Simatic Hmi Comfort Panels 22" Firmware
Version 16 update2
Simatic Hmi Comfort Panels 22" Firmware
Version 16 update3
Configuration N
5 vulnerable
Vulnerable SoftwareAffected Versions
Siemens
Simatic Hmi Ktp Mobile Panels Ktp400f Firmware
Before 16
Simatic Hmi Ktp Mobile Panels Ktp400f Firmware
Version 16
Simatic Hmi Ktp Mobile Panels Ktp400f Firmware
Version 16 update1
Simatic Hmi Ktp Mobile Panels Ktp400f Firmware
Version 16 update2
Simatic Hmi Ktp Mobile Panels Ktp400f Firmware
Version 16 update3
Configuration O
5 vulnerable
Vulnerable SoftwareAffected Versions
Siemens
Simatic Hmi Ktp Mobile Panels Ktp700 Firmware
Before 16
Simatic Hmi Ktp Mobile Panels Ktp700 Firmware
Version 16
Simatic Hmi Ktp Mobile Panels Ktp700 Firmware
Version 16 update1
Simatic Hmi Ktp Mobile Panels Ktp700 Firmware
Version 16 update2
Simatic Hmi Ktp Mobile Panels Ktp700 Firmware
Version 16 update3
Configuration P
5 vulnerable
Vulnerable SoftwareAffected Versions
Siemens
Simatic Hmi Ktp Mobile Panels Ktp700f Firmware
Before 16
Simatic Hmi Ktp Mobile Panels Ktp700f Firmware
Version 16
Simatic Hmi Ktp Mobile Panels Ktp700f Firmware
Version 16 update1
Simatic Hmi Ktp Mobile Panels Ktp700f Firmware
Version 16 update2
Simatic Hmi Ktp Mobile Panels Ktp700f Firmware
Version 16 update3
Configuration Q
5 vulnerable
Vulnerable SoftwareAffected Versions
Siemens
Simatic Hmi Ktp Mobile Panels Ktp900 Firmware
Before 16
Simatic Hmi Ktp Mobile Panels Ktp900 Firmware
Version 16
Simatic Hmi Ktp Mobile Panels Ktp900 Firmware
Version 16 update1
Simatic Hmi Ktp Mobile Panels Ktp900 Firmware
Version 16 update2
Simatic Hmi Ktp Mobile Panels Ktp900 Firmware
Version 16 update3
Configuration R
5 vulnerable
Vulnerable SoftwareAffected Versions
Siemens
Simatic Hmi Ktp Mobile Panels Ktp900f Firmware
Before 16
Simatic Hmi Ktp Mobile Panels Ktp900f Firmware
Version 16
Simatic Hmi Ktp Mobile Panels Ktp900f Firmware
Version 16 update1
Simatic Hmi Ktp Mobile Panels Ktp900f Firmware
Version 16 update2
Simatic Hmi Ktp Mobile Panels Ktp900f Firmware
Version 16 update3
Configuration S
7 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Siemens
Simatic Hmi Comfort Outdoor Panels 7" Firmware
Before 15.1
Simatic Hmi Comfort Outdoor Panels 7" Firmware
Version 15.1
Simatic Hmi Comfort Outdoor Panels 7" Firmware
Version 15.1 update1
Simatic Hmi Comfort Outdoor Panels 7" Firmware
Version 15.1 update2
Simatic Hmi Comfort Outdoor Panels 7" Firmware
Version 15.1 update3
Simatic Hmi Comfort Outdoor Panels 7" Firmware
Version 15.1 update4
Simatic Hmi Comfort Outdoor Panels 7" Firmware
Version 15.1 update5
Running on/withPlatform Versions
Siemens
Simatic Hmi Comfort Outdoor Panels 7"
All versions
Configuration T
7 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Siemens
Simatic Hmi Comfort Outdoor Panels 15" Firmware
Before 15.1
Simatic Hmi Comfort Outdoor Panels 15" Firmware
Version 15.1
Simatic Hmi Comfort Outdoor Panels 15" Firmware
Version 15.1 update1
Simatic Hmi Comfort Outdoor Panels 15" Firmware
Version 15.1 update2
Simatic Hmi Comfort Outdoor Panels 15" Firmware
Version 15.1 update3
Simatic Hmi Comfort Outdoor Panels 15" Firmware
Version 15.1 update4
Simatic Hmi Comfort Outdoor Panels 15" Firmware
Version 15.1 update5
Running on/withPlatform Versions
Siemens
Simatic Hmi Comfort Outdoor Panels 15"
All versions
Configuration U
7 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Siemens
Simatic Hmi Comfort Panels 4" Firmware
Before 15.1
Simatic Hmi Comfort Panels 4" Firmware
Version 15.1
Simatic Hmi Comfort Panels 4" Firmware
Version 15.1 update1
Simatic Hmi Comfort Panels 4" Firmware
Version 15.1 update2
Simatic Hmi Comfort Panels 4" Firmware
Version 15.1 update3
Simatic Hmi Comfort Panels 4" Firmware
Version 15.1 update4
Simatic Hmi Comfort Panels 4" Firmware
Version 15.1 update5
Running on/withPlatform Versions
Siemens
Simatic Hmi Comfort Panels 4"
All versions
Configuration V
7 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Siemens
Simatic Hmi Comfort Panels 22" Firmware
Before 15.1
Simatic Hmi Comfort Panels 22" Firmware
Version 15.1
Simatic Hmi Comfort Panels 22" Firmware
Version 15.1 update1
Simatic Hmi Comfort Panels 22" Firmware
Version 15.1 update2
Simatic Hmi Comfort Panels 22" Firmware
Version 15.1 update3
Simatic Hmi Comfort Panels 22" Firmware
Version 15.1 update4
Simatic Hmi Comfort Panels 22" Firmware
Version 15.1 update5
Running on/withPlatform Versions
Siemens
Simatic Hmi Comfort Panels 22"
All versions
Configuration W
7 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Siemens
Simatic Hmi Ktp Mobile Panels Ktp400f Firmware
Before 15.1
Simatic Hmi Ktp Mobile Panels Ktp400f Firmware
Version 15.1
Simatic Hmi Ktp Mobile Panels Ktp400f Firmware
Version 15.1 update1
Simatic Hmi Ktp Mobile Panels Ktp400f Firmware
Version 15.1 update2
Simatic Hmi Ktp Mobile Panels Ktp400f Firmware
Version 15.1 update3
Simatic Hmi Ktp Mobile Panels Ktp400f Firmware
Version 15.1 update4
Simatic Hmi Ktp Mobile Panels Ktp400f Firmware
Version 15.1 update5
Running on/withPlatform Versions
Siemens
Simatic Hmi Ktp Mobile Panels Ktp400f
All versions
Configuration X
7 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Siemens
Simatic Hmi Ktp Mobile Panels Ktp700 Firmware
Before 15.1
Simatic Hmi Ktp Mobile Panels Ktp700 Firmware
Version 15.1
Simatic Hmi Ktp Mobile Panels Ktp700 Firmware
Version 15.1 update1
Simatic Hmi Ktp Mobile Panels Ktp700 Firmware
Version 15.1 update2
Simatic Hmi Ktp Mobile Panels Ktp700 Firmware
Version 15.1 update3
Simatic Hmi Ktp Mobile Panels Ktp700 Firmware
Version 15.1 update4
Simatic Hmi Ktp Mobile Panels Ktp700 Firmware
Version 15.1 update5
Running on/withPlatform Versions
Siemens
Simatic Hmi Ktp Mobile Panels Ktp700
All versions
Configuration Y
7 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Siemens
Simatic Hmi Ktp Mobile Panels Ktp700f Firmware
Before 15.1
Simatic Hmi Ktp Mobile Panels Ktp700f Firmware
Version 15.1
Simatic Hmi Ktp Mobile Panels Ktp700f Firmware
Version 15.1 update1
Simatic Hmi Ktp Mobile Panels Ktp700f Firmware
Version 15.1 update2
Simatic Hmi Ktp Mobile Panels Ktp700f Firmware
Version 15.1 update3
Simatic Hmi Ktp Mobile Panels Ktp700f Firmware
Version 15.1 update4
Simatic Hmi Ktp Mobile Panels Ktp700f Firmware
Version 15.1 update5
Running on/withPlatform Versions
Siemens
Simatic Hmi Ktp Mobile Panels Ktp700f
All versions
Configuration Z
7 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Siemens
Simatic Hmi Ktp Mobile Panels Ktp900 Firmware
Before 15.1
Simatic Hmi Ktp Mobile Panels Ktp900 Firmware
Version 15.1
Simatic Hmi Ktp Mobile Panels Ktp900 Firmware
Version 15.1 update1
Simatic Hmi Ktp Mobile Panels Ktp900 Firmware
Version 15.1 update2
Simatic Hmi Ktp Mobile Panels Ktp900 Firmware
Version 15.1 update3
Simatic Hmi Ktp Mobile Panels Ktp900 Firmware
Version 15.1 update4
Simatic Hmi Ktp Mobile Panels Ktp900 Firmware
Version 15.1 update5
Running on/withPlatform Versions
Siemens
Simatic Hmi Ktp Mobile Panels Ktp900
All versions
Configuration A
7 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Siemens
Simatic Hmi Ktp Mobile Panels Ktp900f Firmware
Before 15.1
Simatic Hmi Ktp Mobile Panels Ktp900f Firmware
Version 15.1
Simatic Hmi Ktp Mobile Panels Ktp900f Firmware
Version 15.1 update1
Simatic Hmi Ktp Mobile Panels Ktp900f Firmware
Version 15.1 update2
Simatic Hmi Ktp Mobile Panels Ktp900f Firmware
Version 15.1 update3
Simatic Hmi Ktp Mobile Panels Ktp900f Firmware
Version 15.1 update4
Simatic Hmi Ktp Mobile Panels Ktp900f Firmware
Version 15.1 update5
Running on/withPlatform Versions
Siemens
Simatic Hmi Ktp Mobile Panels Ktp900f
All versions
Configuration B
7 vulnerable
Vulnerable SoftwareAffected Versions
Siemens
Simatic Wincc Runtime Advanced
Before 15.1
Simatic Wincc Runtime Advanced
Version 15.1
Simatic Wincc Runtime Advanced
Version 15.1 update1
Simatic Wincc Runtime Advanced
Version 15.1 update2
Simatic Wincc Runtime Advanced
Version 15.1 update3
Simatic Wincc Runtime Advanced
Version 15.1 update4
Simatic Wincc Runtime Advanced
Version 15.1 update5

Related CWEs

CWE-400
Uncontrolled Resource Consumption
The product does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources.
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
The product contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop.

References (6)

Source: productcert@siemens.com
Vendor Advisory
Source: productcert@siemens.com
Vendor Advisory
Source: productcert@siemens.com
Third Party AdvisoryUS Government Resource
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryUS Government Resource

Timeline

No history available yet.