How severe is CVE-2021-37205?

This vulnerability has a severity rating of HIGH with a CVSS score of 7.5 out of 10.

What type of vulnerability is CVE-2021-37205?

This is classified as CWE-401, which is a common weakness in software security.

CVE-2021-37205 - HIGH Severity | CVSS 7.5

Vulnerability Description

A vulnerability has been identified in SIMATIC Drive Controller family (All versions >= V2.9.2 < V2.9.4), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions >= V21.9 < V21.9.4), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions >= V4.5.0 < V4.5.2), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions >= V2.9.2 < V2.9.4), SIMATIC S7-1500 Software Controller (All versions >= V21.9 < V21.9.4), SIMATIC S7-PLCSIM Advanced (All versions >= V4.0 < V4.0 SP1), SIPLUS TIM 1531 IRC (All versions < V2.3.6), TIM 1531 IRC (All versions < V2.3.6). An unauthenticated attacker could cause a denial-of-service condition in a PLC when sending specially prepared packets over port 102/tcp. A restart of the affected device is needed to restore normal operations.

Related Vulnerabilities

CVE-2016-4232

HIGH

CVSS:7.5(High)

Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to obtain sensitive information from process memory v...

CWE-4012016

CVE-2016-6304

HIGH

CVSS:7.5(High)

Multiple memory leaks in t1_lib.c in OpenSSL before 1.0.1u, 1.0.2 before 1.0.2i, and 1.1.0 before 1.1.0a allow remote attackers to cause a denial of service (memory consumption) via large OCSP Status ...

CWE-4012016

CVE-2017-7654

HIGH

CVSS:7.5(High)

In Eclipse Mosquitto 1.4.15 and earlier, a Memory Leak vulnerability was found within the Mosquitto Broker. Unauthenticated clients can send crafted CONNECT packets which could cause a denial of servi...

CWE-4012017

CVE-2018-11246

HIGH

CVSS:7.5(High)

K7TSMngr.exe in K7Computing K7AntiVirus Premium 15.1.0.53 has a Memory Leak.

CWE-4012018

CVE-2018-13844

HIGH

CVSS:7.5(High)

An issue has been found in HTSlib 1.8. It is a memory leak in fai_read in faidx.c. NOTE: This has been disputed with the assertion that this vulnerability exists in the test harness and HTSlib users w...

CWE-4012018

CVE-2018-17240

HIGH

CVSS:7.5(High)

There is a memory dump vulnerability on Netwave IP camera devices at //proc/kcore that allows an unauthenticated attacker to exfiltrate sensitive information from the network configuration (e.g., user...

CWE-4012018