What is the severity of CVE-2021-44165?

CVE-2021-44165 has been assigned a high severity level due to its buffer overflow vulnerability.

How do I fix CVE-2021-44165?

To fix CVE-2021-44165, upgrade the firmware of the affected Siemens POWER METER SICAM Q100 devices to version 2.41 or later.

What products are affected by CVE-2021-44165?

CVE-2021-44165 affects all versions of the Siemens POWER METER SICAM Q100 firmware prior to version 2.41.

What type of vulnerability is CVE-2021-44165?

CVE-2021-44165 is classified as a buffer overflow vulnerability.

Can CVE-2021-44165 be exploited remotely?

Yes, CVE-2021-44165 can potentially be exploited remotely, leading to unauthorized access or other malicious actions.

Vulnerability/
CVE-2021-44165

critical

CWE

121 119

14/12/2021

21/11/2024

CVE-2021-44165: Buffer Overflow

First published: Tue Dec 14 2021(Updated: )

A vulnerability has been identified in POWER METER SICAM Q100 (All versions < V2.41), POWER METER SICAM Q100 (All versions < V2.41), POWER METER SICAM Q100 (All versions < V2.41), POWER METER SICAM Q100 (All versions < V2.41). The affected firmware contains a buffer overflow vulnerability in the web application that could allow a remote attacker with engineer or admin priviliges to potentially perform remote code execution.

Credit: productcert@siemens.com productcert@siemens.com

Affected Software	Affected Version	How to fix
Siemens 7kg9501-0aa01-2aa1 Firmware	<2.41
Siemens 7kg9501-0aa01-2aa1
Siemens 7kg9501-0aa31-0aa1 Firmware	<2.41
Siemens 7kg9501-0aa31-0aa1
Siemens 7kg9501-0aa31-2aa1 Firmware	<2.41
Siemens 7kg9501-0aa31-2aa1
Siemens 7kg9501-0aa01-0aa1 Firmware	<2.41
Siemens 7kg9501-0aa01-0aa1
All of
Siemens 7kg9501-0aa01-2aa1 Firmware	<2.41
Siemens 7kg9501-0aa01-2aa1
All of
Siemens 7kg9501-0aa31-0aa1 Firmware	<2.41
Siemens 7kg9501-0aa31-0aa1
All of
Siemens 7kg9501-0aa31-2aa1 Firmware	<2.41
Siemens 7kg9501-0aa31-2aa1
All of
Siemens 7kg9501-0aa01-0aa1 Firmware	<2.41
Siemens 7kg9501-0aa01-0aa1

Never miss a vulnerability like this again

Reference Links

https://cert-portal.siemens.com/productcert/pdf/ssa-496292.pdf

Frequently Asked Questions

What is the severity of CVE-2021-44165?
CVE-2021-44165 has been assigned a high severity level due to its buffer overflow vulnerability.
How do I fix CVE-2021-44165?
To fix CVE-2021-44165, upgrade the firmware of the affected Siemens POWER METER SICAM Q100 devices to version 2.41 or later.
What products are affected by CVE-2021-44165?
CVE-2021-44165 affects all versions of the Siemens POWER METER SICAM Q100 firmware prior to version 2.41.
What type of vulnerability is CVE-2021-44165?
CVE-2021-44165 is classified as a buffer overflow vulnerability.
Can CVE-2021-44165 be exploited remotely?
Yes, CVE-2021-44165 can potentially be exploited remotely, leading to unauthorized access or other malicious actions.

collector/nvd-index
agent/type
collector/mitre-cve
source/MITRE
agent/weakness
agent/severity
agent/references
agent/description
agent/first-publish-date
collector/nvd-api
source/NVD
agent/software-canonical-lookup
agent/last-modified-date
agent/author
agent/event
agent/softwarecombine
agent/tags
agent/source
vendor/siemens
canonical/siemens 7kg9501-0aa01-2aa1 firmware
canonical/siemens 7kg9501-0aa01-2aa1
canonical/siemens 7kg9501-0aa31-0aa1 firmware
canonical/siemens 7kg9501-0aa31-0aa1
canonical/siemens 7kg9501-0aa31-2aa1 firmware
canonical/siemens 7kg9501-0aa31-2aa1
canonical/siemens 7kg9501-0aa01-0aa1 firmware
canonical/siemens 7kg9501-0aa01-0aa1

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.