CVE-2021-27385

high

Published 2021-05-12 · Modified 2026-06-02

💬 Discuss on Community ✚ Propose mitigation

CVSS v3

7.5

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CVSS v4 NEW

—

not yet in upstream

VIR risk

7.5

Description

A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\" - 22\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions < V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions < V16 Update 4), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (with option X30) (All versions), SINAMICS SH150 (All versions), SINAMICS SL150 (All versions), SINAMICS SM120 (All versions), SINAMICS SM150 (All versions), SINAMICS SM150i (All versions). A remote attacker could send specially crafted packets to SmartVNC device layout handler on client side, which could influence the amount of resources consumed and result in a Denial-of-Service (infinite loop) condition.

Predictions

Exploit likelihood

83%

Patch ETA

—

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

No mitigations published for this CVE yet.

The vendor-content worker queues fetches as references arrive (check back in a few minutes). Or — if you've already worked around this in production — publish your fix to the community-verified tier.

✚ Propose a mitigation on Community → Mitigations published via the community go through AI scoring + 2 human reviewers + 7-day silent objection window before landing here with source_tier=community-verified.

Application impact

Vendor	Product	Versions	Fixed
siemens	simatic_wincc_runtime_advanced	`{"endExcluding":"16"}`	`16`
siemens	simatic_wincc_runtime_advanced	`16`
siemens	sinamics_sh150	`-`
siemens	sinamics_sm150i	`-`
siemens	sinamics_gh150	`-`
siemens	sinamics_gl150	`-`
siemens	sinamics_gm150	`-`
siemens	sinamics_sl150	`-`
siemens	sinamics_sm120	`-`
siemens	sinamics_sm150	`-`
siemens	simatic_hmi_comfort_outdoor_panels_7\"	`-`
siemens	simatic_hmi_comfort_outdoor_panels_15\"	`-`
siemens	simatic_hmi_comfort_panels_4\"	`-`
siemens	simatic_hmi_comfort_panels_22\"	`-`
siemens	simatic_hmi_ktp_mobile_panels_ktp400f	`-`
siemens	simatic_hmi_ktp_mobile_panels_ktp700	`-`
siemens	simatic_hmi_ktp_mobile_panels_ktp700f	`-`
siemens	simatic_hmi_ktp_mobile_panels_ktp900	`-`
siemens	simatic_hmi_ktp_mobile_panels_ktp900f	`-`
siemens	simatic_wincc_runtime_advanced	`{"endExcluding":"15.1"}`	`15.1`
siemens	simatic_wincc_runtime_advanced	`15.1`

References

CWEs

CWE-400 CWE-835

Community-verified mitigations for this CVE will appear above when contributors publish them.

Verify integrity in audit chain (admin only). AS-IS.