CVE-2021-31887

Our new Biannual ICS Risk & Vulnerability Report is the most up-to-date look at CVEs disclosed in OT devices. • Check it out!

CWE-170: IMPROPER NULL TERMINATION
FTP server does not properly validate the length of the “PWD/XPWD” command, leading to stack-based buffer overflows. This may result in denial-of-service conditions and remote code execution.

Risk Information

CVE ID
CVE-2021-31887
Vendor
Siemens
Product
Nucleus
CVSS v3
8.8

CVE-2021-31887

Risk Information

Products

Industry Solutions

Partners

Resources

About