CVE-2021-29998

An issue was discovered in Wind River VxWorks before 6.5. There is a possible heap overflow in dhcp client.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 75%
VendorProductVersion
windrivervxworks
𝑥
< 6.5
siemensruggedcom_win_subscriber_station_firmware
*
siemensscalance_x200-4_p_irt_firmware
*
siemensscalance_x201-3p_irt_firmware
*
siemensscalance_x201-3p_irt_pro_firmware
*
siemensscalance_x202-2_irt_firmware
*
siemensscalance_x202-2p_irt_firmware
*
siemensscalance_x202-2p_irt_pro_firmware
*
siemensscalance_x204_irt_firmware
*
siemensscalance_x204_irt_pro_firmware
*
siemensscalance_x204-2_firmware
*
siemensscalance_x204-2fm_firmware
*
siemensscalance_x204-2ld_firmware
*
siemensscalance_x204-2ld_ts_firmware
*
siemensscalance_x204-2ts_firmware
*
siemensscalance_x206-1_firmware
*
siemensscalance_x206-1ld_firmware
*
siemensscalance_x208_firmware
*
siemensscalance_x208_pro_firmware
*
siemensscalance_x212-2_firmware
*
siemensscalance_x212-2ld_firmware
*
siemensscalance_x216_firmware
*
siemensscalance_x224_firmware
*
siemensscalance_x300_firmware
*
siemensscalance_x408_firmware
*
siemensscalance_xf201-3p_irt_firmware
*
siemensscalance_xf202-2p_irt_firmware
*
siemensscalance_xf204_firmware
*
siemensscalance_xf204_irt_firmware
*
siemensscalance_xf204-2_firmware
*
siemensscalance_xf204-2ba_irt_firmware
*
siemensscalance_xf206-1_firmware
*
siemensscalance_xf208_firmware
*
siemenssimatic_rf_181_eip_firmware
*
siemenssimatic_rf_182c_firmware
*
siemenssinamics_perfect_harmony_gh180_firmware
2015 ≤
𝑥
< 2022
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://cert-portal.siemens.com/productcert/pdf/ssa-560465.pdf
https://cert-portal.siemens.com/productcert/pdf/ssa-910883.pdf
https://support2.windriver.com/index.php?page=security-notices
https://us-cert.cisa.gov/ics/advisories/icsa-21-194-12
https://cert-portal.siemens.com/productcert/pdf/ssa-560465.pdf
https://cert-portal.siemens.com/productcert/pdf/ssa-910883.pdf
https://support2.windriver.com/index.php?page=security-notices
https://us-cert.cisa.gov/ics/advisories/icsa-21-194-12