CVE-2021-25677

by Fred · 22/04/2021

A vulnerability has been identified in Capital VSTAR (Versions including affected DNS modules), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.3), Nucleus ReadyStart V3 (All versions < V2017.02.4), Nucleus ReadyStart V4 (All versions < V4.1.0), Nucleus Source Code (Versions including affected DNS modules), SIMOTICS CONNECT 400 (All versions < V0.5.0.0). The DNS client does not properly randomize DNS transaction IDs. That could allow an attacker to poison the DNS cache or spoof DNS resolving. Date published : 2021-04-22 https://cert-portal.siemens.com/productcert/pdf/ssa-669158.pdf

https://cert-portal.siemens.com/productcert/pdf/ssa-705111.pdf

CVE-2021-25677

Similar

Recent Posts

Categories

CVE-2021-25677

Share this:

Similar

Recent Posts

Categories

Tags