CVE-2021-27384
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2021-27384
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\" - 22\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions < V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions < V16 Update 4), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (with option X30) (All versions), SINAMICS SH150 (All versions), SINAMICS SL150 (All versions), SINAMICS SM120 (All versions), SINAMICS SM150 (All versions), SINAMICS SM150i (All versions). SmartVNC has an out-of-bounds memory access vulnerability in the device layout handler, represented by a binary data stream on client side, which can potentially result in code execution.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
在缓冲区结束位置之后访问内存
Source: NVD (National Vulnerability Database)
Vulnerability Title
Siemens SIMATIC WinCC 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Siemens SIMATIC WinCC是德国西门子(Siemens)公司的一套自动化的数据采集与监控(SCADA)系统。 SIMATIC WinCC存在安全漏洞。该漏洞源于程序存在一个超出范围的内存访问漏洞,该漏洞由客户端的二进制数据流表示,这可能导致代码执行。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
II. Public POCs for CVE-2021-27384
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2021-27384
请登录查看更多情报信息。
- https://us-cert.cisa.gov/ics/advisories/icsa-21-131-11x_refsource_MISC
- https://nvd.nist.gov/vuln/detail/CVE-2021-27384
Same Patch Batch · Siemens · 2021-05-12 · 13 CVEs total
| CVE-2021-27385 | Siemens SmartVNC 资源管理错误漏洞 | |
| CVE-2021-27386 | Siemens SIMATIC WinCC 缓冲区错误漏洞 | |
| CVE-2021-27396 | Siemens Tecnomatix Plant Simulation 安全漏洞 | |
| CVE-2021-27397 | Siemens Tecnomatix Plant Simulation 缓冲区错误漏洞 | |
| CVE-2021-27398 | siemens Tecnomatix RobotExpert 安全漏洞 | |
| CVE-2021-31339 | Siemens Mendix 安全漏洞 | |
| CVE-2020-25242 | 多款 Siemens 设备资源管理错误漏洞 | |
| CVE-2021-25660 | Siemens SIMATIC WinCC 缓冲区错误漏洞 | |
| CVE-2021-25661 | Siemens SIMATIC WinCC 安全漏洞 | |
| CVE-2021-25662 | Siemens SIMATIC WinCC 安全漏洞 | |
| CVE-2021-27383 | Siemens SmartVNC 缓冲区错误漏洞 | |
| CVE-2019-19276 | 多款 Siemens 设备缓冲区错误漏洞 |
IV. Related Vulnerabilities
Same weakness: CWE-788
- CVE-2023-20585
Microsoft Input-Output Memory Management Unit 安全漏洞 - CVE-2026-20052
Cisco Secure Firewall Threat Defense Software Snort 3 Memory - CVE-2026-21316
Audition | Access of Memory Location After End of Buffer (CW - CVE-2025-36581
Dell PowerEdge Platform 14G AMD BIOS 安全漏洞 - CVE-2025-43580
Audition | Access of Memory Location After End of Buffer (CW
V. Comments for CVE-2021-27384
No comments yet