First published: Tue Jun 08 2021(Updated: )
A vulnerability has been identified in SIMATIC RF166C (All versions > V1.1 and < V1.3.2), SIMATIC RF185C (All versions > V1.1 and < V1.3.2), SIMATIC RF186C (All versions > V1.1 and < V1.3.2), SIMATIC RF186CI (All versions > V1.1 and < V1.3.2), SIMATIC RF188C (All versions > V1.1 and < V1.3.2), SIMATIC RF188CI (All versions > V1.1 and < V1.3.2), SIMATIC RF360R (All versions < V2.0), SIMATIC Reader RF610R CMIIT (All versions > V3.0 < V4.0), SIMATIC Reader RF610R ETSI (All versions > V3.0 < V4.0), SIMATIC Reader RF610R FCC (All versions > V3.0 < V4.0), SIMATIC Reader RF615R CMIIT (All versions > V3.0 < V4.0), SIMATIC Reader RF615R ETSI (All versions > V3.0 < V4.0), SIMATIC Reader RF615R FCC (All versions > V3.0 < V4.0), SIMATIC Reader RF650R ARIB (All versions > V3.0 < V4.0), SIMATIC Reader RF650R CMIIT (All versions > V3.0 < V4.0), SIMATIC Reader RF650R ETSI (All versions > V3.0 < V4.0), SIMATIC Reader RF650R FCC (All versions > V3.0 < V4.0), SIMATIC Reader RF680R ARIB (All versions > V3.0 < V4.0), SIMATIC Reader RF680R CMIIT (All versions > V3.0 < V4.0), SIMATIC Reader RF680R ETSI (All versions > V3.0 < V4.0), SIMATIC Reader RF680R FCC (All versions > V3.0 < V4.0), SIMATIC Reader RF685R ARIB (All versions > V3.0 < V4.0), SIMATIC Reader RF685R CMIIT (All versions > V3.0 < V4.0), SIMATIC Reader RF685R ETSI (All versions > V3.0 < V4.0), SIMATIC Reader RF685R FCC (All versions > V3.0 < V4.0). Affected devices do not properly handle large numbers of incoming connections. An attacker may leverage this to cause a Denial-of-Service situation.
Credit: productcert@siemens.com
Affected Software | Affected Version | How to fix |
---|---|---|
Siemens Simatic Rf166c Firmware | >1.1<1.3.2 | |
Siemens Simatic Rf166c | ||
Siemens Simatic Rf185c Firmware | >1.1<1.3.2 | |
Siemens Simatic Rf185c | ||
Siemens Simatic Rf186c Firmware | >1.1<1.3.2 | |
Siemens Simatic Rf186c | ||
Siemens Simatic Rf186ci Firmware | >1.1<1.3.2 | |
Siemens Simatic Rf186ci | ||
Siemens Simatic Rf188c Firmware | >1.1<1.3.2 | |
Siemens Simatic Rf188c | ||
Siemens Simatic Rf188ci Firmware | >1.1<1.3.2 | |
Siemens Simatic Rf188ci | ||
Siemens Simatic Rf360r Firmware | <2.0 | |
Siemens Simatic Rf360r | ||
Siemens Simatic Reader Rf610r Cmiit Firmware | >=3.0<4.0 | |
Siemens Simatic Reader Rf610r Cmiit | ||
Siemens Simatic Reader Rf610r Etsi Firmware | >=3.0<4.0 | |
Siemens Simatic Reader Rf610r Etsi | ||
Siemens Simatic Reader Rf610r Fcc Firmware | >=3.0<4.0 | |
Siemens Simatic Reader Rf610r Fcc | ||
Siemens Simatic Reader Rf615r Cmiit Firmware | >=3.0<4.0 | |
Siemens Simatic Reader Rf615r Cmiit | ||
Siemens Simatic Reader Rf615r Etsi Firmware | >=3.0<4.0 | |
Siemens Simatic Reader Rf615r Etsi | ||
Siemens Simatic Reader Rf615r Fcc Firmware | >=3.0<4.0 | |
Siemens Simatic Reader Rf615r Fcc | ||
Siemens Simatic Reader Rf650r Cmiit Firmware | >=3.0<4.0 | |
Siemens Simatic Reader Rf650r Cmiit | ||
Siemens Simatic Reader Rf650r Etsi Firmware | >=3.0<4.0 | |
Siemens Simatic Reader Rf650r Etsi | ||
Siemens Simatic Reader Rf650r Fcc Firmware | >=3.0<4.0 | |
Siemens Simatic Reader Rf650r Fcc | ||
Siemens Simatic Reader Rf650r Arib Firmware | >=3.0<4.0 | |
Siemens Simatic Reader Rf650r Arib | ||
Siemens Simatic Reader Rf680r Cmiit Firmware | >=3.0<4.0 | |
Siemens Simatic Reader Rf680r Cmiit | ||
Siemens Simatic Reader Rf680r Etsi Firmware | >=3.0<4.0 | |
Siemens Simatic Reader Rf680r Etsi | ||
Siemens Simatic Reader Rf680r Fcc Firmware | >=3.0<4.0 | |
Siemens Simatic Reader Rf680r Fcc | ||
Siemens Simatic Reader Rf680r Arib Firmware | >=3.0<4.0 | |
Siemens Simatic Reader Rf680r Arib | ||
Siemens Simatic Reader Rf685r Cmiit Firmware | >=3.0<4.0 | |
Siemens Simatic Reader Rf685r Cmiit | ||
Siemens Simatic Reader Rf685r Etsi Firmware | >=3.0<4.0 | |
Siemens Simatic Reader Rf685r Etsi | ||
Siemens Simatic Reader Rf685r Fcc Firmware | >=3.0<4.0 | |
Siemens Simatic Reader Rf685r Fcc | ||
Siemens Simatic Reader Rf685r Arib Firmware | >=3.0<4.0 | |
Siemens Simatic Reader Rf685r Arib |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID is CVE-2021-31340.
The SIMATIC RF166C, SIMATIC RF185C, SIMATIC RF186C, SIMATIC RF186CI, and SIMATIC RF188C are affected.
The severity of CVE-2021-31340 is high with a CVSS score of 7.5.
To fix CVE-2021-31340, update to versions higher than V1.1 and lower than V1.3.2 for the affected products.
You can find more information about CVE-2021-31340 at https://cert-portal.siemens.com/productcert/pdf/ssa-787292.pdf.