PT-2021-16744 · Siemens · Simatic S7-Plcsim

Published

2021-03-15

Updated

2021-03-18

CVE-2021-25673

CVSS v2.0

4.9

Medium

Vector

AV:L/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions SIMATIC S7-PLCSIM V5.4 (All versions)

Description A Denial-of-Service condition can be caused in the application by an attacker with local access to the system when it is used to open a specially crafted file. As a consequence, the application could enter an infinite loop, become unresponsive, and must be restarted to restore the service.

Recommendations For SIMATIC S7-PLCSIM V5.4, avoid opening specially crafted files until a patch is available. As a temporary workaround, consider restarting the application to restore service in case it becomes unresponsive due to the Denial-of-Service condition.

Fix

Infinite Loop

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-835

Related Identifiers

CVE-2021-25673

Affected Products

Simatic S7-Plcsim

PT-2021-16744 · Siemens · Simatic S7-Plcsim

CVE-2021-25673

Weakness Enumeration

Related Identifiers

Affected Products

References · 3