NVD

CVE-2021-27383 Detail

Description

A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\" - 22\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions < V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions < V16 Update 4), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (with option X30) (All versions), SINAMICS SH150 (All versions), SINAMICS SL150 (All versions), SINAMICS SM120 (All versions), SINAMICS SM150 (All versions), SINAMICS SM150i (All versions). SmartVNC has a heap allocation leak vulnerability in the server Tight encoder, which could result in a Denial-of-Service condition.

Metrics

NVD enrichment efforts reference publicly available information to associate vector strings. CVSS information contributed by other sources is also displayed.

CVSS 4.0 Severity and Vector Strings:

NIST: NVD

N/A

NVD assessment not yet provided.

CVSS 3.x Severity and Vector Strings:

NIST: NVD

Base Score: 7.5 HIGH

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CVSS 2.0 Severity and Vector Strings:

National Institute of Standards and Technology

NIST: NVD

Base Score: 5.0 MEDIUM

Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)

References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to nvd@nist.gov.

Hyperlink	Resource
https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf	Vendor Advisory
https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf	Vendor Advisory
https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12	Third Party Advisory US Government Resource

Weakness Enumeration

CWE-ID	CWE Name	Source
CWE-770	Allocation of Resources Without Limits or Throttling	NIST Siemens AG

Known Affected Software Configurations Switch to CPE 2.2

CPEs loading, please wait.

Denotes Vulnerable Software
Are we missing a CPE here? Please let us know.

Change History

7 change records found show changes

Modified Analysis by NIST 12/16/2021 1:29:27 PM

Action	Type	Old Value	New Value
Added	CPE Configuration		Record truncated, showing 500 of 841 characters. View Entire Change Record AND OR cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\"_firmware::::::::* versions up to (excluding) 15.1 cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\"_firmware:15.1:-::::::* cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\"_firmware:15.1:update1::::::* cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\"_firmware:15.1:update2::::::* *cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_pa
Added	CPE Configuration		Record truncated, showing 500 of 720 characters. View Entire Change Record AND OR cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\"_firmware::::::::* versions up to (excluding) 16 cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\"_firmware:16::::::: cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\"_firmware:16:-::::::* cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\"_firmware:16:update1::::::* *cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\"_firm
Added	CPE Configuration		Record truncated, showing 500 of 833 characters. View Entire Change Record AND OR cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\"_firmware::::::::* versions up to (excluding) 15.1 cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\"_firmware:15.1:-::::::* cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\"_firmware:15.1:update1::::::* cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\"_firmware:15.1:update2::::::* *cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels
Added	CPE Configuration		Record truncated, showing 500 of 619 characters. View Entire Change Record AND OR cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\"_firmware::::::::* versions up to (excluding) 16 cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\"_firmware:16:-::::::* cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\"_firmware:16:update1::::::* cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\"_firmware:16:update2::::::* *cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\"_fir
Added	CPE Configuration		Record truncated, showing 500 of 777 characters. View Entire Change Record AND OR cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\"_firmware::::::::* versions up to (excluding) 15.1 cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\"_firmware:15.1:-::::::* cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\"_firmware:15.1:update1::::::* cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\"_firmware:15.1:update2::::::* cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\"_firmware:15.1:update3::::*:
Added	CPE Configuration		Record truncated, showing 500 of 577 characters. View Entire Change Record AND OR cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\"_firmware::::::::* versions up to (excluding) 16 cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\"_firmware:16:-::::::* cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\"_firmware:16:update1::::::* cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\"_firmware:16:update2::::::* cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\"_firmware:16:update3::::::* O
Added	CPE Configuration		Record truncated, showing 500 of 769 characters. View Entire Change Record AND OR cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\"_firmware::::::::* versions up to (excluding) 15.1 cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\"_firmware:15.1:-::::::* cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\"_firmware:15.1:update1::::::* cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\"_firmware:15.1:update2::::::* cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\"_firmware:15.1:update3::::::*
Added	CPE Configuration		Record truncated, showing 500 of 571 characters. View Entire Change Record AND OR cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\"_firmware::::::::* versions up to (excluding) 16 cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\"_firmware:16:-::::::* cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\"_firmware:16:update1::::::* cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\"_firmware:16:update2::::::* cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\"_firmware:16:update3::::::* OR
Added	CPE Configuration		Record truncated, showing 500 of 825 characters. View Entire Change Record AND OR cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware::::::::* versions up to (excluding) 15.1 cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:-::::::* cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:update1::::::* cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:update2::::::* *cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_
Added	CPE Configuration		Record truncated, showing 500 of 613 characters. View Entire Change Record AND OR cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware::::::::* versions up to (excluding) 16 cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:16:-::::::* cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:16:update1::::::* cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:16:update2::::::* *cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware
Added	CPE Configuration		Record truncated, showing 500 of 817 characters. View Entire Change Record AND OR cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware::::::::* versions up to (excluding) 15.1 cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:-::::::* cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:update1::::::* cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:update2::::::* *cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmw
Added	CPE Configuration		Record truncated, showing 500 of 607 characters. View Entire Change Record AND OR cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware::::::::* versions up to (excluding) 16 cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:16:-::::::* cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:16:update1::::::* cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:16:update2::::::* *cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:16:u
Added	CPE Configuration		Record truncated, showing 500 of 825 characters. View Entire Change Record AND OR cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware::::::::* versions up to (excluding) 15.1 cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:-::::::* cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:update1::::::* cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:update2::::::* *cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_
Added	CPE Configuration		Record truncated, showing 500 of 613 characters. View Entire Change Record AND OR cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware::::::::* versions up to (excluding) 16 cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:16:-::::::* cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:16:update1::::::* cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:16:update2::::::* *cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware
Added	CPE Configuration		Record truncated, showing 500 of 817 characters. View Entire Change Record AND OR cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware::::::::* versions up to (excluding) 15.1 cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:-::::::* cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:update1::::::* cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:update2::::::* *cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmw
Added	CPE Configuration		Record truncated, showing 500 of 607 characters. View Entire Change Record AND OR cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware::::::::* versions up to (excluding) 16 cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:16:-::::::* cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:16:update1::::::* cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:16:update2::::::* *cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:16:u
Added	CPE Configuration		Record truncated, showing 500 of 825 characters. View Entire Change Record AND OR cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware::::::::* versions up to (excluding) 15.1 cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:-::::::* cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:update1::::::* cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:update2::::::* *cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_
Added	CPE Configuration		Record truncated, showing 500 of 613 characters. View Entire Change Record AND OR cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware::::::::* versions up to (excluding) 16 cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:16:-::::::* cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:16:update1::::::* cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:16:update2::::::* *cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware
Added	CPE Configuration		Record truncated, showing 500 of 579 characters. View Entire Change Record OR cpe:2.3:a:siemens:simatic_wincc_runtime_advanced::::::::* versions up to (excluding) 15.1 cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:-::::::* cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update1::::::* cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update2::::::* cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update3::::::* cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update4::::::*
Removed	CPE Configuration	AND OR cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\"_firmware::::::::* versions up to (excluding) 16 cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\"_firmware:16:-::::::* OR cpe:2.3:h:siemens:simatic_hmi_comfort_outdoor_panels_15\":-:::::::*
Removed	CPE Configuration	AND OR cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\"_firmware::::::::* versions up to (excluding) 16 cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\"_firmware:16:-::::::* OR cpe:2.3:h:siemens:simatic_hmi_comfort_outdoor_panels_7\":-:::::::*
Removed	CPE Configuration	AND OR cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\"_firmware::::::::* versions up to (excluding) 16 cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\"_firmware:16:-::::::* OR cpe:2.3:h:siemens:simatic_hmi_comfort_panels_22\":-:::::::*
Removed	CPE Configuration	AND OR cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\"_firmware::::::::* versions up to (excluding) 16 cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\"_firmware:16:-::::::* OR cpe:2.3:h:siemens:simatic_hmi_comfort_panels_4\":-:::::::*
Removed	CPE Configuration	AND OR cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware::::::::* versions up to (excluding) 16 cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:16:-::::::* OR cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp400f:-:::::::*
Removed	CPE Configuration	AND OR cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware::::::::* versions up to (excluding) 16 cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:16:-::::::* OR cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700:-:::::::*
Removed	CPE Configuration	AND OR cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware::::::::* versions up to (excluding) 16 cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:16:-::::::* OR cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700f:-:::::::*
Removed	CPE Configuration	AND OR cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware::::::::* versions up to (excluding) 16 cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:16:-::::::* OR cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900:-:::::::*
Removed	CPE Configuration	AND OR cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware::::::::* versions up to (excluding) 16 cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:16:-::::::* OR cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900f:-:::::::*

CVE Modified by Siemens AG 8/10/2021 7:15:08 AM

Action	Type	Old Value	New Value
Added	CWE		Siemens AG CWE-770
Removed	CWE	Siemens AG CWE-119
Removed	CWE Reason	CWE-119 / More specific CWE option available
Changed	Description	SmartVNC has a heap allocation leak vulnerability in the server Tight encoder, which could result in a denial-of-service condition on the SIMATIC HMIs/WinCC Products SIMATIC HMI Comfort Outdoor Panels 7’ and 15’ (incl. SIPLUS variants), SIMATIC HMI Comfort Panels 4’to 22’ (incl. SIPLUS variants), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900, and KTP900F, SIMATIC WinCC Runtime Advanced (All versions prior to v16 Update 4).	Record truncated, showing 500 of 817 characters. View Entire Change Record A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels 7\" & 15\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI Comfort Panels 4\" - 22\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V16 Update 4), SIMATIC WinCC Runtime Advanced (All versions < V16 Update 4), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (wit

Initial Analysis by NIST 5/21/2021 10:15:13 AM

Action	Type	Old Value	New Value
Added	CPE Configuration		AND OR cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\"_firmware::::::::* versions up to (excluding) 16 cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\"_firmware:16:-::::::* OR cpe:2.3:h:siemens:simatic_hmi_comfort_outdoor_panels_15\":-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\"_firmware::::::::* versions up to (excluding) 16 cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\"_firmware:16:-::::::* OR cpe:2.3:h:siemens:simatic_hmi_comfort_outdoor_panels_7\":-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\"_firmware::::::::* versions up to (excluding) 16 cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\"_firmware:16:-::::::* OR cpe:2.3:h:siemens:simatic_hmi_comfort_panels_22\":-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\"_firmware::::::::* versions up to (excluding) 16 cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\"_firmware:16:-::::::* OR cpe:2.3:h:siemens:simatic_hmi_comfort_panels_4\":-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware::::::::* versions up to (excluding) 16 cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:16:-::::::* OR cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp400f:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware::::::::* versions up to (excluding) 16 cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:16:-::::::* OR cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware::::::::* versions up to (excluding) 16 cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:16:-::::::* OR cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700f:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware::::::::* versions up to (excluding) 16 cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:16:-::::::* OR cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware::::::::* versions up to (excluding) 16 cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:16:-::::::* OR cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900f:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:siemens:sinamics_gh150_firmware::::::::* OR cpe:2.3:h:siemens:sinamics_gh150:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:siemens:sinamics_gl150_firmware::::::::* OR cpe:2.3:h:siemens:sinamics_gl150:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:siemens:sinamics_gm150_firmware::::::::* OR cpe:2.3:h:siemens:sinamics_gm150:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:siemens:sinamics_sh150_firmware::::::::* OR cpe:2.3:h:siemens:sinamics_sh150:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:siemens:sinamics_sl150_firmware::::::::* OR cpe:2.3:h:siemens:sinamics_sl150:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:siemens:sinamics_sm120_firmware::::::::* OR cpe:2.3:h:siemens:sinamics_sm120:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:siemens:sinamics_sm150_firmware::::::::* OR cpe:2.3:h:siemens:sinamics_sm150:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:siemens:sinamics_sm150i_firmware::::::::* OR cpe:2.3:h:siemens:sinamics_sm150i:-:::::::*
Added	CPE Configuration		OR cpe:2.3:a:siemens:simatic_wincc_runtime_advanced::::::::* versions up to (excluding) 16 cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:16:-::::::* cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:16:update1::::::* cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:16:update2::::::* cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:16:update3::::::*
Added	CVSS V2		NIST (AV:N/AC:L/Au:N/C:N/I:N/A:P)
Added	CVSS V3.1		NIST AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Added	CWE		NIST CWE-770
Changed	Reference Type	https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf No Types Assigned	https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf Vendor Advisory
Changed	Reference Type	https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf No Types Assigned	https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf Vendor Advisory
Changed	Reference Type	https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12 No Types Assigned	https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12 Third Party Advisory, US Government Resource

Quick Info

CVE Dictionary Entry:
CVE-2021-27383
NVD Published Date:
05/12/2021
NVD Last Modified:
12/16/2021
Source:
Siemens AG

You are viewing this page in an unauthorized frame window.

Information Technology Laboratory

National Vulnerability Database

National Vulnerability Database

CVE-2021-27383 Detail

Description

Metrics

References to Advisories, Solutions, and Tools

Weakness Enumeration

Known Affected Software Configurations Switch to CPE 2.2

CPEs loading, please wait.

Change History

CVE Modified by Siemens AG 5/14/2024 4:38:21 AM

Modified Analysis by NIST 12/16/2021 1:29:27 PM

CVE Modified by Siemens AG 10/12/2021 6:15:10 AM

CVE Modified by Siemens AG 9/14/2021 7:15:23 AM

CVE Modified by Siemens AG 8/10/2021 7:15:08 AM

Initial Analysis by NIST 5/21/2021 10:15:13 AM

CVE Modified by Siemens AG 5/13/2021 9:15:07 AM

Quick Info