ID

VAR-202504-1195


CVE

CVE-2025-29931


TITLE

Processing vulnerability due to inconsistent length parameter in Siemens' telecontrol server basic

Trust: 0.8

sources: JVNDB: JVNDB-2025-011800

DESCRIPTION

A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). The affected product does not properly validate a length field in a serialized message which it uses to determine the amount of memory to be allocated for deserialization. This could allow an unauthenticated remote attacker to cause the application to allocate exhaustive amounts of memory and subsequently create a partial denial of service condition. Successful exploitation is only possible in redundant Telecontrol Server Basic setups and only if the connection between the redundant servers has been disrupted. Siemens' telecontrol server basic contains a processing vulnerability due to inconsistent length parameters. This may result in a service operation interruption (DoS) condition. TeleControl Server Basic is a server software for remote monitoring and control, widely used in the field of industrial automation.

Trust: 2.16

sources: NVD: CVE-2025-29931 // JVNDB: JVNDB-2025-011800 // CNVD: CNVD-2025-08973

IOT TAXONOMY

category: ['ICS'], sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2025-08973

AFFECTED PRODUCTS

vendor: siemens, model: telecontrol server basic, scope: lt, version: 3.1.2.2

Trust: 1.0

vendor: シーメンス, model: telecontrol server basic, scope: eq, version: -

Trust: 0.8

vendor: シーメンス, model: telecontrol server basic, scope: -, version: -

Trust: 0.8

vendor: シーメンス, model: telecontrol server basic, scope: eq, version: 3.1.2.2

Trust: 0.8

vendor: siemens, model: telecontrol server basic, scope: lt, version: v3.1.2.2

Trust: 0.6

sources: CNVD: CNVD-2025-08973 // JVNDB: JVNDB-2025-011800 // NVD: CVE-2025-29931

CVSS

SEVERITY

CVSSV2

CVSSV3

productcert@siemens.com: CVE-2025-29931
value: MEDIUM

Trust: 1.0

OTHER: JVNDB-2025-011800
value: LOW

Trust: 0.8

CNVD: CNVD-2025-08973
value: MEDIUM

Trust: 0.6

CNVD: CNVD-2025-08973
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

productcert@siemens.com: CVE-2025-29931
baseSeverity: LOW
baseScore: 3.7
vectorString: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
attackVector: NETWORK
attackComplexity: HIGH
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: LOW
exploitabilityScore: 2.2
impactScore: 1.4
version: 3.1

Trust: 1.0

OTHER: JVNDB-2025-011800
baseSeverity: LOW
baseScore: 3.7
vectorString: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
attackVector: NETWORK
attackComplexity: HIGH
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: LOW
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: CNVD: CNVD-2025-08973 // JVNDB: JVNDB-2025-011800 // NVD: CVE-2025-29931

PROBLEMTYPE DATA

problemtype: CWE-130

Trust: 1.0

problemtype: Improper handling due to inconsistent length parameters (CWE-130) [ others ]

Trust: 0.8

sources: JVNDB: JVNDB-2025-011800 // NVD: CVE-2025-29931

PATCH

title: Patch for Siemens TeleControl Server Basic Denial of Service Vulnerability, url: https://www.cnvd.org.cn/patchInfo/show/686151

Trust: 0.6

sources: CNVD: CNVD-2025-08973

EXTERNAL IDS

db: NVD, id: CVE-2025-29931

Trust: 3.2

db: SIEMENS, id: SSA-395348

Trust: 2.4

db: JVN, id: JVNVU90506697

Trust: 0.8

db: ICS CERT, id: ICSA-25-112-02

Trust: 0.8

db: JVNDB, id: JVNDB-2025-011800

Trust: 0.8

db: CNVD, id: CNVD-2025-08973

Trust: 0.6

sources: CNVD: CNVD-2025-08973 // JVNDB: JVNDB-2025-011800 // NVD: CVE-2025-29931

REFERENCES

url: https://cert-portal.siemens.com/productcert/html/ssa-395348.html

Trust: 2.4

url: https://jvn.jp/vu/jvnvu90506697/

Trust: 0.8

url: https://nvd.nist.gov/vuln/detail/cve-2025-29931

Trust: 0.8

url: https://www.cisa.gov/news-events/ics-advisories/icsa-25-112-02

Trust: 0.8

sources: CNVD: CNVD-2025-08973 // JVNDB: JVNDB-2025-011800 // NVD: CVE-2025-29931

SOURCES

db: CNVD, id: CNVD-2025-08973
db: JVNDB, id: JVNDB-2025-011800
db: NVD, id: CVE-2025-29931

LAST UPDATE DATE

2025-08-23T20:03:45.306000+00:00


SOURCES UPDATE DATE

db: CNVD, id: CNVD-2025-08973, date: 2025-05-06T00:00:00
db: JVNDB, id: JVNDB-2025-011800, date: 2025-08-20T06:02:00
db: NVD, id: CVE-2025-29931, date: 2025-08-19T14:48:34.130

SOURCES RELEASE DATE

db: CNVD, id: CNVD-2025-08973, date: 2025-04-17T00:00:00
db: JVNDB, id: JVNDB-2025-011800, date: 2025-08-20T00:00:00
db: NVD, id: CVE-2025-29931, date: 2025-04-17T11:15:47.807