CVE-2021-44165

A vulnerability has been identified in POWER METER SICAM Q100 (All versions < V2.41), POWER METER SICAM Q100 (All versions < V2.41), POWER METER SICAM Q100 (All versions < V2.41), POWER METER SICAM Q100 (All versions < V2.41). The affected firmware contains a buffer overflow vulnerability in the web application that could allow a remote attacker with engineer or admin priviliges to potentially perform remote code execution.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:siemens:7kg9501-0aa01-2aa1_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:7kg9501-0aa01-2aa1:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:siemens:7kg9501-0aa31-0aa1_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:7kg9501-0aa31-0aa1:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:siemens:7kg9501-0aa31-2aa1_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:7kg9501-0aa31-2aa1:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:siemens:7kg9501-0aa01-0aa1_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:7kg9501-0aa01-0aa1:-:*:*:*:*:*:*:*

History

21 Nov 2024, 06:30

Type Values Removed Values Added
References () https://cert-portal.siemens.com/productcert/pdf/ssa-496292.pdf - Vendor Advisory () https://cert-portal.siemens.com/productcert/pdf/ssa-496292.pdf - Vendor Advisory

Information

Published : 2021-12-14 12:15

Updated : 2024-11-21 06:30


NVD link : CVE-2021-44165

Mitre link : CVE-2021-44165

CVE.ORG link : CVE-2021-44165


JSON object : View

Products Affected

siemens

  • 7kg9501-0aa31-0aa1_firmware
  • 7kg9501-0aa01-0aa1_firmware
  • 7kg9501-0aa01-2aa1
  • 7kg9501-0aa01-2aa1_firmware
  • 7kg9501-0aa01-0aa1
  • 7kg9501-0aa31-0aa1
  • 7kg9501-0aa31-2aa1_firmware
  • 7kg9501-0aa31-2aa1
CWE
CWE-121

Stack-based Buffer Overflow