CVE-2021-29998

Q: What is the severity of CVE-2021-29998?

The severity of CVE-2021-29998 is classified as high due to the potential for a heap overflow vulnerability.

Q: How do I fix CVE-2021-29998?

To fix CVE-2021-29998, update to a version of Wind River VxWorks that is 6.5 or later.

Q: What products are affected by CVE-2021-29998?

CVE-2021-29998 affects Wind River VxWorks versions prior to 6.5 and certain Siemens Scalance devices.

Q: What is a heap overflow in relation to CVE-2021-29998?

A heap overflow in CVE-2021-29998 may allow attackers to execute arbitrary code or cause denial of service.

Q: Is there a workaround for CVE-2021-29998?

Currently, there are no official workarounds for CVE-2021-29998 other than applying the available updates.

Published Apr 13, 2021

Updated

An issue was discovered in Wind River VxWorks before 6.5. There is a possible heap overflow in dhcp client.

Affected Software

71 affected components

Windriver Vxworks<6.5

Siemens Ruggedcom Win Subscriber Station Firmware

Siemens Ruggedcom Win Subscriber Station

Siemens Scalance X200-4 P Irt Firmware

Siemens SCALANCE X200-4 P IRT

Siemens Scalance X201-3p Irt Firmware

Siemens SCALANCE X201-3P IRT

Siemens Scalance X201-3p Irt Pro Firmware

Siemens SCALANCE X201-3P IRT PRO

Siemens Scalance X202-2 Irt Firmware

Siemens SCALANCE X202-2 IRT

Siemens Scalance X202-2p Irt Firmware

Siemens Scalance X202-2p Irt

Siemens Scalance X202-2p Irt Pro Firmware

Siemens SCALANCE X202-2P IRT PRO

Siemens Scalance X204 Irt Firmware

Siemens SCALANCE X204 IRT

Siemens Scalance X204 Irt Pro Firmware

Siemens SCALANCE X204 IRT PRO

Siemens Scalance X204-2 Firmware

Siemens Scalance X204-2

Siemens Scalance X204-2fm Firmware

Siemens SCALANCE X204-2FM

Siemens Scalance X204-2ld Firmware

Siemens Scalance X204-2ld

Siemens Scalance X204-2ld Ts Firmware

Siemens Scalance X204-2ld Ts

Siemens Scalance X204-2ts Firmware

Siemens Scalance X204-2ts

Siemens Scalance X206-1 Firmware

Siemens SCALANCE X206-1

Siemens Scalance X206-1ld Firmware

Siemens Scalance X206-1ld

Siemens Scalance X208 Firmware

Siemens Scalance X208

Siemens Scalance X208 Pro Firmware

Siemens Scalance X208 Pro

Siemens Scalance X212-2 Firmware

Siemens SCALANCE X212-2

Siemens Scalance X212-2ld Firmware

Siemens Scalance X212-2ld

Siemens Scalance X216 Firmware

Siemens SCALANCE X216

Siemens Scalance X224 Firmware

Siemens SCALANCE X224

Siemens Scalance X300 Firmware

Siemens Scalance X300

Siemens Scalance X408 Firmware

Siemens Scalance X408

Siemens Scalance Xf201-3p Irt Firmware

Siemens Scalance Xf201-3p Irt

Siemens Scalance Xf202-2p Irt Firmware

Siemens Scalance Xf202-2p Irt

Siemens Scalance Xf204 Firmware

Siemens Scalance Xf204

Siemens Scalance Xf204 Irt Firmware

Siemens Scalance Xf204 Irt

Siemens Scalance Xf204-2 Firmware

Siemens Scalance Xf204-2

Siemens Scalance Xf204-2ba Irt Firmware

Siemens Scalance Xf204-2ba Irt

Siemens Scalance Xf206-1 Firmware

Siemens Scalance Xf206-1

Siemens Scalance Xf208 Firmware

Siemens Scalance Xf208

Siemens Simatic Rf 181 Eip Firmware

Siemens Simatic Rf 181 Eip

Siemens Simatic Rf 182c Firmware

Siemens Simatic Rf 182c

Siemens Sinamics Perfect Harmony Gh180 Firmware>=2015<2022

Siemens Sinamics Perfect Harmony Gh180

Event History

Apr 13, 2021

CVE Published

via MITRE·04:16 PM

Data Sourced

via MITRE·04:16 PM

Description

Frequently Asked Questions

What is the severity of CVE-2021-29998?

The severity of CVE-2021-29998 is classified as high due to the potential for a heap overflow vulnerability.

How do I fix CVE-2021-29998?

To fix CVE-2021-29998, update to a version of Wind River VxWorks that is 6.5 or later.

What products are affected by CVE-2021-29998?

CVE-2021-29998 affects Wind River VxWorks versions prior to 6.5 and certain Siemens Scalance devices.

What is a heap overflow in relation to CVE-2021-29998?

A heap overflow in CVE-2021-29998 may allow attackers to execute arbitrary code or cause denial of service.

Is there a workaround for CVE-2021-29998?