Details of VAR-202108-1556

ID

VAR-202108-1556

CVE

CVE-2021-37166

TITLE

Nexus Control Panel authorization issue vulnerability

Trust: 0.6

sources: CNVD: CNVD-2021-62177

DESCRIPTION

A buffer overflow issue leading to denial of service was discovered in HMI3 Control Panel in Swisslog Healthcare Nexus Panel operated by released versions of software before Nexus Software 7.2.5.7. When HMI3 starts up, it binds a local service to a TCP port on all interfaces of the device, and takes extensive time for the GUI to connect to the TCP socket, allowing the connection to be hijacked by an external attacker. Swisslog Healthcare Nexus Panel is a medical device of Swisslog Healthcare. The vulnerability stems from an improper method used to bind local services to ports on the device interface. Attackers can use this vulnerability to hijack the connection. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements

Trust: 2.07

sources: NVD: CVE-2021-37166 // CNVD: CNVD-2021-62177 // CNNVD: CNNVD-202104-975 // VULMON: CVE-2021-37166

IOT TAXONOMY

category:

['IoT']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2021-62177

AFFECTED PRODUCTS

vendor:	swisslog healthcare	model:	hmi-3 control panel	scope:	lt	version:	7.2.5.7	Trust: 1.0
vendor:	swisslog	model:	healthcare nexus control panel	scope:	lt	version:	7.2.5.7	Trust: 0.6

sources: CNVD: CNVD-2021-62177 // NVD: CVE-2021-37166

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2021-37166
value:	HIGH
Trust: 1.0
CNVD:	CNVD-2021-62177
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-202104-975
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-202108-087
value:	HIGH
Trust: 0.6
VULMON:	CVE-2021-37166
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2021-37166
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.1
CNVD:	CNVD-2021-62177
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

nvd@nist.gov:	CVE-2021-37166
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	3.6
version:	3.1
Trust: 1.0

sources: CNVD: CNVD-2021-62177 // VULMON: CVE-2021-37166 // CNNVD: CNNVD-202104-975 // CNNVD: CNNVD-202108-087 // NVD: CVE-2021-37166

PROBLEMTYPE DATA

problemtype:

CWE-120

Trust: 1.0

sources: NVD: CVE-2021-37166

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202108-087

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202104-975

PATCH

title:	Patch for Nexus Control Panel authorization issue vulnerability	url:	https://www.cnvd.org.cn/patchInfo/show/285991	Trust: 0.6
title:	Swisslog Healthcare Nexus Panel Remediation measures for authorization problem vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=159476	Trust: 0.6

sources: CNVD: CNVD-2021-62177 // CNNVD: CNNVD-202108-087

EXTERNAL IDS

db:	NVD	id:	CVE-2021-37166	Trust: 2.3
db:	ICS CERT	id:	ICSMA-21-215-01	Trust: 1.2
db:	CNVD	id:	CNVD-2021-62177	Trust: 0.6
db:	CS-HELP	id:	SB2021041363	Trust: 0.6
db:	CNNVD	id:	CNNVD-202104-975	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.2625	Trust: 0.6
db:	CS-HELP	id:	SB2021080306	Trust: 0.6
db:	CNNVD	id:	CNNVD-202108-087	Trust: 0.6
db:	VULMON	id:	CVE-2021-37166	Trust: 0.1

sources: CNVD: CNVD-2021-62177 // VULMON: CVE-2021-37166 // CNNVD: CNNVD-202104-975 // CNNVD: CNNVD-202108-087 // NVD: CVE-2021-37166

REFERENCES

url:	https://www.armis.com/pwnedpiper	Trust: 1.7
url:	https://www.swisslog-healthcare.com/-/media/swisslog-healthcare/documents/customer-service/armis-documents/cve-2021-37166-bulletin---gui-socket-denial-of-service.pdf?rev=05321b2af1064eb2a6d6e6bf77604c6b&hash=40a927fe1153aa980428c93b2ef7eb40	Trust: 1.7
url:	https://us-cert.cisa.gov/ics/advisories/icsma-21-215-01	Trust: 1.2
url:	https://www.swisslog-healthcare.com	Trust: 1.1
url:	https://www.swisslog-healthcare.com/en-us/customer-care/security-information/cve-disclosures#:~:text=cve%20disclosures%20%20%20%20vulnerability%20name%20%2c%20%20cve-2021-37164%20%204%20more%20rows%20	Trust: 1.0
url:	https://www.cybersecurity-help.cz/vdb/sb2021041363	Trust: 0.6
url:	https://www.swisslog-healthcare.com/en-us/customer-care/security-information/cve-disclosures#:~:text=cve%20disclosures%20%20%20%20vulnerability%20name%20	Trust: 0.6
url:	https://www.cybersecurity-help.cz/vdb/sb2021080306	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.2625	Trust: 0.6
url:	https://cwe.mitre.org/data/definitions/120.html	Trust: 0.1
url:	https://www.swisslog-healthcare.com/en-us/customer-care/security-information/cve-disclosures#:~:text=cve%20disclosures%20%20%20%20vulnerability%20name%20,%20%20cve-2021-37164%20%204%20more%20rows%20	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1

sources: CNVD: CNVD-2021-62177 // VULMON: CVE-2021-37166 // CNNVD: CNNVD-202104-975 // CNNVD: CNNVD-202108-087 // NVD: CVE-2021-37166

CREDITS

Barak Hadad and Ben Seri from Armis reported these vulnerabilities to Swisslog.

Trust: 0.6

sources: CNNVD: CNNVD-202108-087

SOURCES

db:	CNVD	id:	CNVD-2021-62177
db:	VULMON	id:	CVE-2021-37166
db:	CNNVD	id:	CNNVD-202104-975
db:	CNNVD	id:	CNNVD-202108-087
db:	NVD	id:	CVE-2021-37166

LAST UPDATE DATE

2024-08-14T13:17:30.909000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2021-62177	date:	2021-08-16T00:00:00
db:	VULMON	id:	CVE-2021-37166	date:	2021-08-10T00:00:00
db:	CNNVD	id:	CNNVD-202104-975	date:	2021-04-14T00:00:00
db:	CNNVD	id:	CNNVD-202108-087	date:	2021-08-11T00:00:00
db:	NVD	id:	CVE-2021-37166	date:	2023-11-07T03:36:55.517

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2021-62177	date:	2021-08-16T00:00:00
db:	VULMON	id:	CVE-2021-37166	date:	2021-08-02T00:00:00
db:	CNNVD	id:	CNNVD-202104-975	date:	2021-04-13T00:00:00
db:	CNNVD	id:	CNNVD-202108-087	date:	2021-08-02T00:00:00
db:	NVD	id:	CVE-2021-37166	date:	2021-08-02T13:15:07.897