Details of VAR-202106-1219

ID

VAR-202106-1219

CVE

CVE-2021-33535

TITLE

plural Weidmueller Industrial WLAN Device string formatting vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2021-008519

DESCRIPTION

In Weidmueller Industrial WLAN devices in multiple versions an exploitable format string vulnerability exists in the iw_console conio_writestr functionality. A specially crafted time server entry can cause an overflow of the time server buffer, resulting in remote code execution. An attacker can send commands while authenticated as a low privilege user to trigger this vulnerability. Weidmueller Industrial WLAN devices is an industrial control WIAN of Weidmueller company in Germany. Attackers can use this vulnerability to cause remote code execution

Trust: 2.16

sources: NVD: CVE-2021-33535 // JVNDB: JVNDB-2021-008519 // CNVD: CNVD-2021-48141

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2021-48141

AFFECTED PRODUCTS

vendor:	weidmueller	model:	ie-wlt-vl-ap-br-cl-us	scope:	lte	version:	1.11.10	Trust: 1.0
vendor:	weidmueller	model:	ie-wl-vl-ap-br-cl-us	scope:	lte	version:	1.16.18	Trust: 1.0
vendor:	weidmueller	model:	ie-wlt-vl-ap-br-cl-us	scope:	lte	version:	1.16.18	Trust: 1.0
vendor:	weidmueller	model:	ie-wl-bl-ap-cl-us	scope:	lte	version:	1.16.18	Trust: 1.0
vendor:	weidmueller	model:	ie-wl-bl-ap-cl-eu	scope:	lte	version:	1.11.10	Trust: 1.0
vendor:	weidmueller	model:	ie-wlt-vl-ap-br-cl-eu	scope:	lte	version:	1.16.18	Trust: 1.0
vendor:	weidmueller	model:	ie-wl-vl-ap-br-cl-eu	scope:	lte	version:	1.11.10	Trust: 1.0
vendor:	weidmueller	model:	ie-wlt-vl-ap-br-cl-eu	scope:	lte	version:	1.11.10	Trust: 1.0
vendor:	weidmueller	model:	ie-wlt-bl-ap-cl-eu	scope:	lte	version:	1.11.10	Trust: 1.0
vendor:	weidmueller	model:	ie-wlt-bl-ap-cl-us	scope:	lte	version:	1.11.10	Trust: 1.0
vendor:	weidmueller	model:	ie-wl-bl-ap-cl-us	scope:	lte	version:	1.11.10	Trust: 1.0
vendor:	weidmueller	model:	ie-wl-bl-ap-cl-eu	scope:	lte	version:	1.16.18	Trust: 1.0
vendor:	weidmueller	model:	ie-wl-vl-ap-br-cl-us	scope:	lte	version:	1.11.10	Trust: 1.0
vendor:	weidmueller	model:	ie-wl-vl-ap-br-cl-eu	scope:	lte	version:	1.16.18	Trust: 1.0
vendor:	weidmueller	model:	ie-wlt-bl-ap-cl-eu	scope:	lte	version:	1.16.18	Trust: 1.0
vendor:	weidmueller	model:	ie-wlt-bl-ap-cl-us	scope:	lte	version:	1.16.18	Trust: 1.0
vendor:	weidmueller	model:	ie-wlt-bl-ap-cl-eu	scope:	-	version:	-	Trust: 0.8
vendor:	weidmueller	model:	ie-wl-vl-ap-br-cl-eu	scope:	-	version:	-	Trust: 0.8
vendor:	weidmueller	model:	ie-wlt-bl-ap-cl-us	scope:	-	version:	-	Trust: 0.8
vendor:	weidmueller	model:	ie-wlt-vl-ap-br-cl-eu	scope:	-	version:	-	Trust: 0.8
vendor:	weidmueller	model:	ie-wl-bl-ap-cl-eu	scope:	-	version:	-	Trust: 0.8
vendor:	weidmueller	model:	ie-wl-bl-ap-cl-us	scope:	-	version:	-	Trust: 0.8
vendor:	weidmueller	model:	ie-wlt-vl-ap-br-cl-us	scope:	-	version:	-	Trust: 0.8
vendor:	weidmueller	model:	ie-wl-vl-ap-br-cl-us	scope:	-	version:	-	Trust: 0.8
vendor:	weidmueller	model:	ie-wl-bl-ap-cl-us (build	scope:	lte	version:	<=v1.16.1818081617)	Trust: 0.6
vendor:	weidmueller	model:	ie-wlt-bl-ap-cl-us (build	scope:	lte	version:	<=v1.16.1818081617)	Trust: 0.6
vendor:	weidmueller	model:	ie-wl-bl-ap-cl-eu (build	scope:	lte	version:	<=v1.16.1818081617)	Trust: 0.6
vendor:	weidmueller	model:	ie-wlt-bl-ap-cl-eu (build	scope:	lte	version:	<=v1.16.1818081617)	Trust: 0.6
vendor:	weidmueller	model:	ie-wl-vl-ap-br-cl-eu (build	scope:	lte	version:	<=v1.11.1018122616)	Trust: 0.6
vendor:	weidmueller	model:	ie-wlt-vl-ap-br-cl-eu (build	scope:	lte	version:	<=v1.11.1018122616)	Trust: 0.6
vendor:	weidmueller	model:	ie-wl-vl-ap-br-cl-us (build	scope:	lte	version:	<=v1.11.1018122616)	Trust: 0.6
vendor:	weidmueller	model:	ie-wlt-vl-ap-br-cl-us (build	scope:	lte	version:	<=v1.11.1018122616)	Trust: 0.6

sources: CNVD: CNVD-2021-48141 // JVNDB: JVNDB-2021-008519 // NVD: CVE-2021-33535

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2021-33535
value:	HIGH
Trust: 1.0
info@cert.vde.com:	CVE-2021-33535
value:	HIGH
Trust: 1.0
NVD:	CVE-2021-33535
value:	HIGH
Trust: 0.8
CNVD:	CNVD-2021-48141
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-202106-1757
value:	HIGH
Trust: 0.6

nvd@nist.gov:	CVE-2021-33535
severity:	MEDIUM
baseScore:	6.5
vectorString:	AV:N/AC:L/AU:S/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2021-48141
severity:	MEDIUM
baseScore:	6.5
vectorString:	AV:N/AC:L/AU:S/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

nvd@nist.gov:	CVE-2021-33535
baseSeverity:	HIGH
baseScore:	8.8
vectorString:	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	2.8
impactScore:	5.9
version:	3.1
Trust: 2.0
OTHER:	JVNDB-2021-008519
baseSeverity:	HIGH
baseScore:	8.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: CNVD: CNVD-2021-48141 // JVNDB: JVNDB-2021-008519 // CNNVD: CNNVD-202106-1757 // NVD: CVE-2021-33535 // NVD: CVE-2021-33535

PROBLEMTYPE DATA

problemtype:	CWE-134	Trust: 1.0
problemtype:	Format string problem (CWE-134) [ Other ]	Trust: 0.8

sources: JVNDB: JVNDB-2021-008519 // NVD: CVE-2021-33535

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202106-1757

TYPE

format string error

Trust: 0.6

sources: CNNVD: CNNVD-202106-1757

PATCH

title:	Top Page	url:	https://www.weidmueller.com/int/index.jsp	Trust: 0.8
title:	Patch for Weidmueller Industrial WLAN devices format string error vulnerability	url:	https://www.cnvd.org.cn/patchInfo/show/277171	Trust: 0.6

sources: CNVD: CNVD-2021-48141 // JVNDB: JVNDB-2021-008519

EXTERNAL IDS

db:	NVD	id:	CVE-2021-33535	Trust: 3.8
db:	CERT@VDE	id:	VDE-2021-026	Trust: 2.4
db:	JVNDB	id:	JVNDB-2021-008519	Trust: 0.8
db:	CNVD	id:	CNVD-2021-48141	Trust: 0.6
db:	CNNVD	id:	CNNVD-202106-1757	Trust: 0.6

sources: CNVD: CNVD-2021-48141 // JVNDB: JVNDB-2021-008519 // CNNVD: CNNVD-202106-1757 // NVD: CVE-2021-33535

REFERENCES

url:	https://cert.vde.com/en-us/advisories/vde-2021-026	Trust: 2.4
url:	https://nvd.nist.gov/vuln/detail/cve-2021-33535	Trust: 2.0

sources: CNVD: CNVD-2021-48141 // JVNDB: JVNDB-2021-008519 // CNNVD: CNNVD-202106-1757 // NVD: CVE-2021-33535

SOURCES

db:	CNVD	id:	CNVD-2021-48141
db:	JVNDB	id:	JVNDB-2021-008519
db:	CNNVD	id:	CNNVD-202106-1757
db:	NVD	id:	CVE-2021-33535

LAST UPDATE DATE

2024-08-14T13:23:31.605000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2021-48141	date:	2021-07-07T00:00:00
db:	JVNDB	id:	JVNDB-2021-008519	date:	2022-03-18T06:29:00
db:	CNNVD	id:	CNNVD-202106-1757	date:	2021-07-01T00:00:00
db:	NVD	id:	CVE-2021-33535	date:	2021-07-27T20:53:53.467

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2021-48141	date:	2021-07-07T00:00:00
db:	JVNDB	id:	JVNDB-2021-008519	date:	2022-03-18T00:00:00
db:	CNNVD	id:	CNNVD-202106-1757	date:	2021-06-25T00:00:00
db:	NVD	id:	CVE-2021-33535	date:	2021-06-25T19:15:09.357