CVE-2021-37186
Published: Sep 14, 2021
Modified: Aug 4, 2024
Description
A vulnerability has been identified in LOGO! CMR2020 (All versions < V2.2), LOGO! CMR2040 (All versions < V2.2), SIMATIC RTU3010C (All versions < V4.0.9), SIMATIC RTU3030C (All versions < V4.0.9), SIMATIC RTU3031C (All versions < V4.0.9), SIMATIC RTU3041C (All versions < V4.0.9). The underlying TCP/IP stack does not properly calculate the random numbers used as ISN (Initial Sequence Numbers). An adjacent attacker with network access to the LAN interface could interfere with traffic, spoof the connection and gain access to sensitive information.
| Vendor | Product | Versions |
|---|---|---|
Siemens | LOGO! CMR2020 | affected All versions < V2.2 |
Siemens | LOGO! CMR2040 | affected All versions < V2.2 |
Siemens | SIMATIC RTU3010C | affected All versions < V4.0.9 |
Siemens | SIMATIC RTU3030C | affected All versions < V4.0.9 |
Siemens | SIMATIC RTU3031C | affected All versions < V4.0.9 |
Siemens | SIMATIC RTU3041C | affected All versions < V4.0.9 |
Weaknesses (CWE)
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now