CVE-2021-31893
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2021-31893
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
A vulnerability has been identified in SIMATIC PCS 7 V8.2 and earlier (All versions), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP3), SIMATIC PDM (All versions < V9.2), SIMATIC STEP 7 V5.X (All versions < V5.6 SP2 HF3), SINAMICS STARTER (containing STEP 7 OEM version) (All versions < V5.4 HF2). The affected software contains a buffer overflow vulnerability while handling certain files that could allow a local attacker to trigger a denial-of-service condition or potentially lead to remote code execution.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
未进行输入大小检查的缓冲区拷贝(传统缓冲区溢出)
Source: NVD (National Vulnerability Database)
Vulnerability Title
Siemens SIMATIC PCS 7 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Siemens SIMATIC PCS 7是德国西门子(Siemens)公司的一套过程控制系统。 Siemens SIMATIC PCS 7存在安全漏洞,该漏洞可能允许本地攻击者触发拒绝服务或可导致远程代码执行。以下产品和版本受到影响:SIMATIC PCS 7 V8.2 and earlier (All versions), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP3), SIMATIC PDM (All versions < V9.2), SIMATIC S
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| Siemens | SIMATIC PCS 7 V8.2 and earlier | All versions | - | |
| Siemens | SIMATIC PCS 7 V9.0 | All versions < V9.0 SP3 | - | |
| Siemens | SIMATIC PDM | All versions < V9.2 | - | |
| Siemens | SIMATIC STEP 7 V5.X | All versions < V5.6 SP2 HF3 | - | |
| Siemens | SINAMICS STARTER (containing STEP 7 OEM version) | All versions < V5.4 HF2 | - |
II. Public POCs for CVE-2021-31893
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2021-31893
请登录查看更多情报信息。
Same Patch Batch · Siemens · 2021-07-13 · 56 CVEs total
| CVE-2021-31895 | 8.1 HIGH | Siemens RUGGEDCOM安全漏洞 |
| CVE-2020-28400 | 7.5 HIGH | Siemens SCALANCE S602安全漏洞 |
| CVE-2021-34315 | Siemens Jt2go 和 Siemens Teamcenter Visualization 缓冲区错误漏洞 | |
| CVE-2021-34327 | Siemens JT2GO 缓冲区错误漏洞 | |
| CVE-2021-34330 | Siemens Jt2go和Siemens Teamcenter Visualization 输入验证错误漏洞 | |
| CVE-2021-34329 | Siemens JT2GO和Siemens Teamcenter Visualization 缓冲区错误漏洞 | |
| CVE-2021-34328 | Siemens JT2GO 缓冲区错误漏洞 | |
| CVE-2021-34331 | Siemens Jt2go 和 Siemens Teamcenter Visualization 缓冲区错误漏洞 | |
| CVE-2021-34319 | Siemens Jt2go 和 Siemens Teamcenter Visualization 缓冲区错误漏洞 | |
| CVE-2021-34318 | Siemens Jt2go和Siemens Teamcenter Visualization 输入验证错误漏洞 | |
| CVE-2021-34317 | Siemens JT2GO 和 Siemens Teamcenter Visualization 缓冲区错误漏洞 | |
| CVE-2021-34316 | Siemens Jt2go 和 Siemens Teamcenter Visualization 缓冲区错误漏洞 | |
| CVE-2021-34321 | Siemens JT2GO 和 Siemens Teamcenter Visualization 缓冲区错误漏洞 | |
| CVE-2021-34314 | Siemens Jt2go 和 Siemens Teamcenter Visualization 缓冲区错误漏洞 | |
| CVE-2021-34313 | Siemens Jt2go 缓冲区错误漏洞 | |
| CVE-2021-34312 | Siemens JT2GO 和 Siemens Teamcenter Visualization 缓冲区错误漏洞 | |
| CVE-2021-34311 | Siemens Jt2go 和 Siemens Teamcenter Visualization 缓冲区错误漏洞 | |
| CVE-2021-34310 | Siemens Jt2go 和 Siemens Teamcenter Visualization 缓冲区错误漏洞 | |
| CVE-2021-34309 | Siemens Jt2go 和 Siemens Teamcenter Visualization 缓冲区错误漏洞 | |
| CVE-2021-34308 | Siemens JT2GO 缓冲区错误漏洞 |
Showing top 20 of 56 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
Same weakness: CWE-120
- CVE-2026-8260
D-Link DCS-935L HNAP Service hnap_service SetDeviceSettings - CVE-2026-8137
Totolink X5000R formDdns sub_458E40 buffer overflow - CVE-2026-6691
MongoDB C Driver Cyrus SASL Canonicalization Buffer Overflow - CVE-2026-7857
D-Link DI-8100 CGI user_group.asp sprintf buffer overflow - CVE-2026-7856
D-Link DI-8100 Web Management url_member.asp buffer overflow
V. Comments for CVE-2021-31893
No comments yet