← Back

CVE-2021-27388

nvd nist
Published: Jun 15, 2021Modified: Nov 21, 2024

JSON object

Loading...
9.8
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Exploitability: 3.9 / Impact: 5.9
Source: NVD

Description

SINAMICS medium voltage routable products are affected by a vulnerability in the Sm@rtServer component for remote access that could allow an unauthenticated attacker to cause a denial-of-service condition, and/or execution of limited configuration modifications and/or execution of limited control commands on the SINAMICS Medium Voltage Products, Remote Access (SINAMICS SL150: All versions, SINAMICS SM150: All versions, SINAMICS SM150i: All versions).

Affected (3)

Siemens
3 products
Sinamics Sl150 Firmware
Sinamics Sm150 Firmware
Sinamics Sm150i Firmware
Configuration A
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sinamics Sl150 Firmware
All versions
Running on/withPlatform Versions
Siemens
Sinamics Sl150
All versions
Configuration B
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sinamics Sm150 Firmware
All versions
Running on/withPlatform Versions
Siemens
Sinamics Sm150
All versions
Configuration C
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Sinamics Sm150i Firmware
All versions
Running on/withPlatform Versions
Siemens
Sinamics Sm150i
All versions

Related CWEs

CWE-20
Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (2)

Source: productcert@siemens.com
Not Applicable
Source: af854a3a-2127-422b-91ae-364da2661108
Not Applicable

Timeline

No history available yet.