CVE-2021-25675

{"id": "CVE-2021-25675", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 2.1, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "LOW", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 1.8}]}, "published": "2021-03-15T17:15:22.003", "references": [{"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-256092.pdf", "tags": ["Vendor Advisory"], "source": "productcert@siemens.com"}, {"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-256092.pdf", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "productcert@siemens.com", "description": [{"lang": "en", "value": "CWE-369"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability has been identified in SIMATIC S7-PLCSIM V5.4 (All versions). An attacker with local access to the system could cause a Denial-of-Service condition in the application when it is used to open a specially crafted file. As a consequence, a divide by zero operation could occur and cause the application to terminate unexpectedly and must be restarted to restore the service."}, {"lang": "es", "value": "Se ha identificado una vulnerabilidad en SIMATIC S7-PLCSIM versi\u00f3n V5.4 (todas las versiones). Un atacante con acceso local al sistema podr\u00eda causar una condici\u00f3n de Denegaci\u00f3n de Servicio en la aplicaci\u00f3n cuando es usada para abrir un archivo especialmente dise\u00f1ado. Como consecuencia, podr\u00eda ocurrir una operaci\u00f3n de divisi\u00f3n por cero y causar a la aplicaci\u00f3n finalizar inesperadamente y deba reiniciarse para restaurar el servicio"}], "lastModified": "2024-11-21T05:55:16.547", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:siemens:simatic_s7-plcsim:5.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F5964421-8D14-4D38-B36A-EFC0E676BE65"}], "operator": "OR"}]}], "sourceIdentifier": "productcert@siemens.com"}