What is the severity of CVE-2021-29998?

The severity of CVE-2021-29998 is classified as high due to the potential for a heap overflow vulnerability.

How do I fix CVE-2021-29998?

To fix CVE-2021-29998, update to a version of Wind River VxWorks that is 6.5 or later.

What products are affected by CVE-2021-29998?

CVE-2021-29998 affects Wind River VxWorks versions prior to 6.5 and certain Siemens Scalance devices.

What is a heap overflow in relation to CVE-2021-29998?

A heap overflow in CVE-2021-29998 may allow attackers to execute arbitrary code or cause denial of service.

Is there a workaround for CVE-2021-29998?

Currently, there are no official workarounds for CVE-2021-29998 other than applying the available updates.

Vulnerability/
CVE-2021-29998

critical

9.8

CWE

787

13/4/2021

3/8/2024

CVE-2021-29998

First published: Tue Apr 13 2021(Updated: )

An issue was discovered in Wind River VxWorks before 6.5. There is a possible heap overflow in dhcp client.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Wind River VxWorks	<6.5
Siemens Ruggedcom Win Subscriber Station
Siemens Ruggedcom Win Subscriber Station
Siemens Scalance X200-4P IRT Firmware
Siemens SCALANCE X200-4P IRT (6GK5200-4AH00-2BA3)
Siemens Scalance X201-3P IRT Pro Firmware
Siemens SCALANCE X201-3P IRT PRO
Siemens Scalance X201-3P IRT Firmware
Siemens Scalance X201-3P IRT Pro Firmware
Siemens SCALANCE X202-2 IRT Firmware
Siemens SCALANCE X202-2IRT
Siemens Scalance X202-2P IRT PRO Firmware
Siemens SCALANCE X202-2P IRT
Siemens Scalance X202-2P IRT PRO Firmware
Siemens Scalance X202-2P IRT PRO Firmware
Siemens Scalance X-200IRT
Siemens SCALANCE X204IRT
Siemens Scalance X204IRT PRO Firmware
Siemens SCALANCE X204IRT PRO
Siemens Scalance X204-2
Siemens Scalance X204-2 Firmware
Siemens Scalance X204-2FM Firmware
Siemens SCALANCE X204-2FM
Siemens Scalance X204-2LD TS
Siemens SCALANCE X204-2LD TS
Siemens Scalance X204-2LD TS
Siemens SCALANCE X204-2TS
Siemens Scalance X204-2TS
Siemens SCALANCE X204-2TS
Siemens Scalance X206-1LD
Siemens Scalance X206-1 Firmware
Siemens Scalance X206-1LD
Siemens SCALANCE X206-1LD
Siemens Scalance X208
Siemens Scalance X208
Siemens SCALANCE X208 PRO
Siemens SCALANCE X208PRO
Siemens Scalance X212-2LD
Siemens SCALANCE X212-2
siemens scalance x212-2ld firmware
Siemens SCALANCE X212-2LD
Siemens Scalance X216 Firmware
Siemens SCALANCE X-200 Firmware
Siemens Scalance X224 Firmware
Siemens Scalance X224 Firmware
Siemens Scalance X-300 Firmware
Siemens Scalance X-300 Firmware
Siemens Scalance X408
Siemens SCALANCE X408-2
Siemens Scalance XF201-3P IRT
Siemens SCALANCE XF201-3P IRT
Siemens Scalance XF202-2P IRT
Siemens SCALANCE XF202-2P IRT
Siemens Scalance XF204 Firmware
Siemens Scalance XF204
Siemens SCALANCE XF204IRT firmware
Siemens SCALANCE XF204IRT (6GK5204-0BA00-2BF2)
Siemens Scalance XF204-2 Firmware
Siemens SCALANCE XF204-2
Siemens Scalance XF204-2BA IRT
Siemens SCALANCE XF204-2BA IRT
Siemens Scalance XF206-1
Siemens SCALANCE XF206-1
Siemens Scalance XF208
Siemens SCALANCE XF208
Siemens Simatic RF181EIP Firmware
Siemens SIMATIC RFID 181EIP
Siemens Simatic RF182C
Siemens SIMATIC RF182C (6GT2002-0JD10)
Siemens Sinamics Perfect Harmony GH180	>=2015<2022
Siemens Sinamics Perfect Harmony GH180

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2021-29998?
The severity of CVE-2021-29998 is classified as high due to the potential for a heap overflow vulnerability.
How do I fix CVE-2021-29998?
To fix CVE-2021-29998, update to a version of Wind River VxWorks that is 6.5 or later.
What products are affected by CVE-2021-29998?
CVE-2021-29998 affects Wind River VxWorks versions prior to 6.5 and certain Siemens Scalance devices.
What is a heap overflow in relation to CVE-2021-29998?
A heap overflow in CVE-2021-29998 may allow attackers to execute arbitrary code or cause denial of service.
Is there a workaround for CVE-2021-29998?
Currently, there are no official workarounds for CVE-2021-29998 other than applying the available updates.

agent/references
agent/type
agent/author
agent/severity
agent/weakness
agent/description
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/first-publish-date
agent/event
agent/source
collector/nvd-index
agent/software-canonical-lookup-request
agent/softwarecombine
agent/tags
vendor/windriver
canonical/wind river vxworks
vendor/siemens
canonical/siemens ruggedcom win subscriber station
canonical/siemens scalance x200-4p irt firmware
canonical/siemens scalance x200-4p irt (6gk5200-4ah00-2ba3)
canonical/siemens scalance x201-3p irt pro firmware
canonical/siemens scalance x201-3p irt pro
canonical/siemens scalance x201-3p irt firmware
canonical/siemens scalance x202-2 irt firmware
canonical/siemens scalance x202-2irt
canonical/siemens scalance x202-2p irt pro firmware
canonical/siemens scalance x202-2p irt
canonical/siemens scalance x-200irt
canonical/siemens scalance x204irt
canonical/siemens scalance x204irt pro firmware
canonical/siemens scalance x204irt pro
canonical/siemens scalance x204-2
canonical/siemens scalance x204-2 firmware
canonical/siemens scalance x204-2fm firmware
canonical/siemens scalance x204-2fm
canonical/siemens scalance x204-2ld ts
canonical/siemens scalance x204-2ts
canonical/siemens scalance x206-1ld
canonical/siemens scalance x206-1 firmware
canonical/siemens scalance x208
canonical/siemens scalance x208 pro
canonical/siemens scalance x208pro
canonical/siemens scalance x212-2ld
canonical/siemens scalance x212-2
canonical/siemens scalance x212-2ld firmware
canonical/siemens scalance x216 firmware
canonical/siemens scalance x-200 firmware
canonical/siemens scalance x224 firmware
canonical/siemens scalance x-300 firmware
canonical/siemens scalance x408
canonical/siemens scalance x408-2
canonical/siemens scalance xf201-3p irt
canonical/siemens scalance xf202-2p irt
canonical/siemens scalance xf204 firmware
canonical/siemens scalance xf204
canonical/siemens scalance xf204irt firmware
canonical/siemens scalance xf204irt (6gk5204-0ba00-2bf2)
canonical/siemens scalance xf204-2 firmware
canonical/siemens scalance xf204-2
canonical/siemens scalance xf204-2ba irt
canonical/siemens scalance xf206-1
canonical/siemens scalance xf208
canonical/siemens simatic rf181eip firmware
canonical/siemens simatic rfid 181eip
canonical/siemens simatic rf182c
canonical/siemens simatic rf182c (6gt2002-0jd10)
canonical/siemens sinamics perfect harmony gh180
version/siemens sinamics perfect harmony gh180/2015