← Back

Simatic Rtu3041c Firmware

simatic_rtu3041c_firmware

Vendor: Siemens • 3 CVEs

CVEs (3)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2021-37186
1Siemens
6Logo! Cmr2020 Firmware
Logo! Cmr2040 FirmwareSimatic Rtu3010c Firmware+3 more
Nov 21, 2024
Sep 14, 2021
N/A· v4
5.4 MEDIUM· v3
4.8 MEDIUM· v2
A vulnerability has been identified in LOGO! CMR2020 (All versions < V2.2), LOGO! CMR2040 (All versions < V2.2), SIMATIC RTU3010C (All versions < V4.0.9), SIMATIC RTU3030C (All versions < V4.0.9), SIMATIC RTU3031C (All v...Show more
A vulnerability has been identified in LOGO! CMR2020 (All versions < V2.2), LOGO! CMR2040 (All versions < V2.2), SIMATIC RTU3010C (All versions < V4.0.9), SIMATIC RTU3030C (All versions < V4.0.9), SIMATIC RTU3031C (All versions < V4.0.9), SIMATIC RTU3041C (All versions < V4.0.9). The underlying TCP/IP stack does not properly calculate the random numbers used as ISN (Initial Sequence Numbers). An adjacent attacker with network access to the LAN interface could interfere with traffic, spoof the connection and gain access to sensitive information.Show less
CVE-2020-36478
3Arm
DebianSiemens
8Debian Linux
Logo! Cmr2020 FirmwareLogo! Cmr2040 Firmware+5 more
Nov 21, 2024
Aug 23, 2021
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
An issue was discovered in Mbed TLS before 2.25.0 (and before 2.16.9 LTS and before 2.7.18 LTS). A NULL algorithm parameters entry looks identical to an array of REAL (size zero) and thus the certificate is considered va...Show more
An issue was discovered in Mbed TLS before 2.25.0 (and before 2.16.9 LTS and before 2.7.18 LTS). A NULL algorithm parameters entry looks identical to an array of REAL (size zero) and thus the certificate is considered valid. However, if the parameters do not match in any way, then the certificate should be considered invalid.Show less
CVE-2020-36475
3Arm
DebianSiemens
8Debian Linux
Logo! Cmr2020 FirmwareLogo! Cmr2040 Firmware+5 more
Nov 21, 2024
Aug 23, 2021
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
An issue was discovered in Mbed TLS before 2.25.0 (and before 2.16.9 LTS and before 2.7.18 LTS). The calculations performed by mbedtls_mpi_exp_mod are not limited; thus, supplying overly large parameters could lead to de...Show more
An issue was discovered in Mbed TLS before 2.25.0 (and before 2.16.9 LTS and before 2.7.18 LTS). The calculations performed by mbedtls_mpi_exp_mod are not limited; thus, supplying overly large parameters could lead to denial of service when generating Diffie-Hellman key pairs.Show less