CVE-2021-31401
HIGHHCC Embedded InterNiche < 4.3 - Integer Overflow via IP Total Length Field
Title source: llmDescription
An issue was discovered in tcp_rcv() in nptcp.c in HCC embedded InterNiche 4.0.1. The TCP header processing code doesn't sanitize the value of the IP total length field (header length + data length). With a crafted IP packet, an integer overflow occurs whenever the value of the IP data length is calculated by subtracting the length of the header from the total length of the IP packet.
References (3)
Core 3
Core References
Mitigation, Third Party Advisory x_refsource_confirm
https://cert-portal.siemens.com/productcert/pdf/ssa-789208.pdf
Mitigation, Third Party Advisory x_refsource_misc
https://www.forescout.com/blog/new-critical-operational-technology-vulnerabilities-found-on-nichestack/
Third Party Advisory, US Government Resource third-party-advisory
x_refsource_cert-vn
https://www.kb.cert.org/vuls/id/608209
Scores
CVSS v3
7.5
EPSS
0.0050
EPSS Percentile
66.0%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Details
CWE
CWE-20
Status
published
Products (3)
hcc-embedded/nichestack
< 4.3
siemens/sentron_3wa_com190_firmware
< 2.0.0
siemens/sentron_3wl_com35_firmware
< 1.2.0
Published
Aug 19, 2021
Tracked Since
Feb 18, 2026